Security Advisory

CVE-2023-3746

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-16 19:39:14

Last updated 2025-04-23 16:12:00

Assigner WPScan

State PUBLISHED

Description

The ActivityPub WordPress plugin before 1.0.0 does not sanitize and escape some data from post content, which could allow contributor and above role to perform Stored Cross-Site Scripting attacks

← Browse all CVEs View on cve.org ↗