CVE-2023-47808

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Nov 22, 2023

Updated: Nov 28, 2023

CWE ID 79

Summary

CVE-2023-47808 is a Cross-site Scripting (XSS) vulnerability affecting the Christina Uechi Add Widgets to Page plugin versions 1.3.2 and below. Maliciously crafted input data can be injected during web page generation, allowing attackers to execute malicious scripts in users' browsers. This can lead to information disclosure, session hijacking, or even full account takeover. Users are advised to update the plugin to the latest version or uninstall it if it's no longer in use.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tYINNX
https://www.cve.org/CVERecord?id=CVE-2023-47808
https://nvd.nist.gov/vuln/detail/CVE-2023-47808

Back to Vulnerability Database

CVE-2023-47808

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations