Vulnerabilities > CVE-2023-0602 - Unspecified vulnerability in Johnniejodelljr Twittee Text Tweet 1.0.8

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

johnniejodelljr

NVD

Published: 2023-07-31

Updated: 2023-11-07

Summary

The Twittee Text Tweet WordPress plugin through 1.0.8 does not properly escape POST values which are printed back to the user inside one of the plugin's administrative page, which allows reflected XSS attacks targeting administrators to happen.

Vulnerable Configurations

Part	Description	Count
Application	Johnniejodelljr Johnniejodelljr Twittee Text Tweet 1.0.8	1

References

https://wpscan.com/vulnerability/c357f93d-4f21-4cd9-9378-d97756c75255