Vulnerabilities > CVE-2023-0424 - Unspecified vulnerability in Ms-Reviews Project Ms-Reviews 1.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The MS-Reviews WordPress plugin through 1.5 does not sanitise and escape reviews, which could allow users any authenticated users, such as Subscribers to perform Stored Cross-Site Scripting attacks
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |