{"uuid": "30019dea-6529-4676-b008-0c97a5f77a18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2701", "type": "seen", "source": "https://t.me/cibsecurity/66818", "content": "\u203c CVE-2023-2701 \u203c\n\nThe Gravity Forms WordPress plugin before 2.7.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high-privileged users such as admin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-17T18:40:15.000000Z"}