CVE-2023-4968: Changeset 2976774 for wplegalpages/trunk/public/class-wp-legal-pages-public.php – WordPress Plugin Repository
The WPLegalPages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wplegalpage’ shortcode in versions up to, and including, 2.9.2 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers with author-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Timestamp:
10/10/2023 05:24:41 AM
WPEka Club
Message:
Release of version 2.9.3
File:
- wplegalpages/trunk/public/class-wp-legal-pages-public.php (1 diff)
wplegalpages/trunk/public/class-wp-legal-pages-public.php
r2754387
r2976774
147
147
$content = $page->post\_content;
148
148
}
149
149
150
if ( is\_single() || is\_page() ) {
150
return html\_entity\_decode( $content );
151
// Check if the current user has the "unfiltered\_html" capability
152
if ( author\_can($pid, 'unfiltered\_html' ) ) {
153
// If the user has the capability, decode the content
154
$content = html\_entity\_decode( $content );
155
}
156
157
return $content;
151
158
}
152
159
}
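Review bot: The new gate `author_can($pid, 'unfiltered_html' )` is keyed on `$pid`, while the content being returned comes from `$page->post_content`, and `$pid` is not assigned anywhere in the visible lines. `author_can()` tests the author of the post it is given, so please confirm, and state in the comment, that `$pid` is a validated integer ID for the same post as `$page` and that this post's author is the one whose privilege should decide whether the content is decoded. Separately, the path where the capability is missing returns `$content` with no escaping applied, so its safety depends on the stored content already being entity-encoded; passing it through `wp_kses_post()` before `return $content;` would make that guarantee explicit. The call is also missing the space after the opening parenthesis that the surrounding lines use.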