CVE-2023-0285
Real Media Library < 4.18.29 - Author+ Stored XSS
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
21 fev 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The Real Media Library WordPress plugin before 4.18.29 does not sanitise and escape the created folder names, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.
Produtos afetados
Unknown · Real Media Library: Media Library Folder & File Manager