druxter-x

1 exploit Active since May 2023
CVE-2023-2023 NOMISEC MEDIUM WORKING POC
Custom 404 Pro < 3.7.3 - Reflected Cross-Site Scripting via URL Attribute
The Custom 404 Pro WordPress plugin before 3.7.3 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.
CVSS 6.1