cleantalk
Vulnerabilities and Security Researches

FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin, CVE-2023-1891

CVE, Research URL

CVE-2023-1891

Home page URL

Security reports for FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin

Application

FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin

Published on
Jun 27, 2023
Research Description
The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting
Affected versions
Min -, max 1.9.9.
Status
vulnerable
Previous vulnerability researches
FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin (CVE-2022-4974) , Nov 15, 2024
FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin (CVE-2024-47647) , Oct 03, 2024
FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin (e69e9c2879d1fb3c94ffb90840a8df8f8df991a3) , Jun 07, 2024
FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin (CVE-2023-1891) , Jun 07, 2024
FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin (CVE-2025-58659) , Sep 27, 2025
New vulnerability
FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin (CVE-2025-58659) , Sep 27, 2025
Events Manager – OpenStreetMaps (CVE-2025-58265) , Sep 27, 2025
SAPO Feed (CVE-2025-53462) , Sep 27, 2025
Estonian Shipping Methods for WooCommerce (CVE-2025-58656) , Sep 27, 2025
Casengo Live Chat Support (CVE-2025-58688) , Sep 27, 2025