WPBulky < 1.0.10 - Contributor+ Stored Cross-Site Scripting

2023-08-0800:00:00

wpscan.com

plugin sanitize user input contributor role cross-site scripting attacks

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

21.7%

JSON

Description The plugin does not properly sanitize user input via its sanitize() function, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks