CVE-2023-23722 - WP eBay Product Feeds <= 3.3.1 Admin+ Stored Cross-Site Scripting

less than 1 minute read

Researcher

This vulnerability was discovered by @yuyudhn.

Description

yuyudhn discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WP eBay Product Feeds Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 3.4.

Proof of Concept

Not published yet.

References

CVE-2023-23722 - Patchstack
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23722

Share on

Twitter Facebook LinkedIn

Yudha P.

Researcher

Description

Proof of Concept

References

Share on