The Voting Record WordPress plugin through 2.0 is missing sanitisation as well as escaping, which could allow any authenticated users, such as subscriber to perform Stored XSS attacks
History

Fri, 20 Jun 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2024-01-16T15:57:03.277Z

Updated: 2025-06-20T17:23:27.788Z

Reserved: 2023-12-22T19:02:36.893Z

Link: CVE-2023-7084

cve-icon Vulnrichment

Updated: 2024-08-02T08:50:07.797Z

cve-icon NVD

Status : Modified

Published: 2024-01-16T16:15:14.023

Modified: 2025-06-20T18:15:24.563

Link: CVE-2023-7084

cve-icon Redhat

No data.