CVEs-PoC/2023/CVE-2023-7246.md

CVE-2023-7246

Description

The System Dashboard WordPress plugin before 2.8.10 does not sanitize and escape some parameters, which could allow administrators in multisite WordPress configurations to perform Cross-Site Scripting attacks

POC

Reference

• https://wpscan.com/vulnerability/7413d5ec-10a7-4cb8-ac1c-4ef554751518/

Github

• https://github.com/NaInSec/CVE-LIST