CVE-2023-41797

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Oct 2, 2023

Updated: Oct 3, 2023

CWE ID 79

Summary

CVE-2023-41797: A stored Cross-Site Scripting (XSS) vulnerability was identified in Gold Plugins Locations plugin versions up to 4.0. An attacker with contributor-level access could exploit this flaw by injecting malicious scripts into a targeted website. Successful exploitation could lead to unintended execution of malicious code, potentially resulting in data theft or site takeover. Users of the Gold Plugins Locations plugin are urged to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/shz5pr
https://www.cve.org/CVERecord?id=CVE-2023-41797
https://nvd.nist.gov/vuln/detail/CVE-2023-41797

Back to Vulnerability Database

CVE-2023-41797

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations