CVE-2023-47767

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 22, 2023

Updated: Nov 28, 2023

CWE ID 79

Summary

CVE-2023-47767 is a Cross-site Scripting (XSS) vulnerability affecting the Fla-shop.Com Interactive World Map plugin versions 3.2.0 and below. Maliciously crafted input data can be injected into web pages generated by the plugin, leading to unintended execution of malicious scripts in users' browsers. An attacker can exploit this vulnerability to steal sensitive information, install malware, or perform other unauthorized actions. To mitigate this risk, users are advised to update the plugin to a secure version or remove it from their websites.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tV5FpD
https://www.cve.org/CVERecord?id=CVE-2023-47767
https://nvd.nist.gov/vuln/detail/CVE-2023-47767

Back to Vulnerability Database

CVE-2023-47767

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations