Vulnerabilities > CVE-2023-2470 - Unspecified vulnerability in ADD to Feedly Project ADD to Feedly

CVSS 4.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

add-to-feedly-project

NVD

Published: 2023-05-30

Updated: 2023-11-07

Summary

The Add to Feedly WordPress plugin through 1.2.11 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Vulnerable Configurations

Part	Description	Count
Application	Add_To_Feedly_Project ADD TO Feedly Project ADD TO Feedly *	1

References

https://wpscan.com/vulnerability/de0adf26-8a0b-4b90-96d5-4bec6e770e04