CVE-2023-0448

medium

Description

The WP Helper Lite WordPress plugin, in versions < 4.3, returns all GET parameters unsanitized in the response, resulting in a reflected cross-site scripting vulnerability.

References

https://www.tenable.com/security/research/tra-2023-3

Details

Source: MITRE

Published: 2023-01-26

Updated: 2023-02-01

Type: CWE-79