← Back to CVE List
CVE-2023-1373
Published:
2023-04-17T13:15Z
Last Modified:
2025-02-06T17:15Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
The W4 Post List WordPress plugin before 2.4.6 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting > MITRE Terms of Use apply – see LICENSE‑MITRE.txt