CVE-2023-45064

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Oct 18, 2023

Updated: Oct 25, 2023

CWE ID 79

Summary

CVE-2023-45064 is a newly disclosed Cross-Site Scripting (XSS) vulnerability affecting the Extend Wings OPcache Dashboard plugin, specifically versions below 0.3.1. An attacker can exploit this unauthenticated vulnerability by injecting malicious code through a reflected XSS attack, posing a significant risk to website users. Successful exploitation could lead to the unintended execution of malicious scripts in a user's web browser, compromising their data or sessions. Upgrading the plugin to a patched version is strongly recommended to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s4mc2A
https://www.cve.org/CVERecord?id=CVE-2023-45064
https://nvd.nist.gov/vuln/detail/CVE-2023-45064

Back to Vulnerability Database

CVE-2023-45064

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations