CVE-2023-23668: WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Scripting (XSS)
First published: Mon May 08 2023(Updated: )
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in GiveWP plugin <= 2.25.1 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Givenu Givenu Give | <2.25.2 |
Remedy
Update to 2.25.2 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this XSS vulnerability?
The vulnerability ID for this XSS vulnerability is CVE-2023-23668.
What is the severity level of CVE-2023-23668?
CVE-2023-23668 has a severity level of medium.
What is the affected software for CVE-2023-23668?
The affected software for CVE-2023-23668 is the GiveWP plugin version 2.25.1 and below.
How can I fix the XSS vulnerability in GiveWP plugin?
To fix the XSS vulnerability in GiveWP plugin, you should upgrade to version 2.25.2 or later.
Is there any additional information about CVE-2023-23668?
Yes, you can find more information about CVE-2023-23668 at the following reference: [link](https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-2-25-1-contributor-cross-site-scripting-xss-vulnerability?_s_id=cve)
- collector/nvd-latest
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/author
- agent/severity
- agent/weakness
- agent/remedy
- agent/references
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/givewp
- canonical/givenu givenu give