VYPR
Medium severity6.5NVD Advisory· Published Dec 14, 2023· Updated Apr 28, 2026

CVE-2023-49846

CVE-2023-49846

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through 2.1.17.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:bearne:author_avatars_list\/block:*:*:*:*:*:wordpress:*:*+ 1 more
    • cpe:2.3:a:bearne:author_avatars_list\/block:*:*:*:*:*:wordpress:*:*range: <2.1.19
    • (no CPE)range: <=2.1.17

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.