Description
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
Remediation
References
Related Vulnerabilities
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-31216)
WordPress Plugin fMoblog 'id' Parameter SQL Injection (2.1)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3271)
Ruby Uncontrolled Resource Consumption Vulnerability (CVE-2018-8777)
WordPress Plugin Contextual Related Posts Cross-Site Scripting (3.3.0)