← Back

Wp Useronline

wp-useronline

Vendor: Lesterchan • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-5560
1Lesterchan
1Wp Useronline
Nov 21, 2024
Nov 27, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The WP-UserOnline WordPress plugin before 2.88.3 does not sanitise and escape the X-Forwarded-For header before outputting its content on the page, which allows unauthenticated users to perform Cross-Site Scripting attac...Show more
The WP-UserOnline WordPress plugin before 2.88.3 does not sanitise and escape the X-Forwarded-For header before outputting its content on the page, which allows unauthenticated users to perform Cross-Site Scripting attacks.Show less