CVE-2023-41653

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 27, 2023

Updated: Sep 28, 2023

CWE ID 79

Summary

CVE-2023-41653 represents a Reflected Cross-Site Scripting (XSS) vulnerability affecting the Beplus Sermon'e – Sermons Online plugin in versions 1.0.0 and below. Hackers can exploit this issue by injecting malicious scripts into a webpage, which, when accessed by an unsuspecting user, could result in the theft of sensitive data or the installation of malware. This flaw poses a significant risk to users who rely on this plugin for their religious services or sermons, making it essential for them to update to a secure version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sgaugS
https://www.cve.org/CVERecord?id=CVE-2023-41653
https://nvd.nist.gov/vuln/detail/CVE-2023-41653

Back to Vulnerability Database

CVE-2023-41653

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations