CVE-2023-23972: WordPress Social Like Box and Page by WpDevArt Plugin <= 0.8.39 is vulnerable to Cross Site Scripting (XSS)
First published: Thu Apr 06 2023(Updated: )
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smplug-in Social Like Box and Page by WpDevArt plugin <= 0.8.39 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wpdevart Social Like Box And Page | <=0.8.39 |
Remedy
Update to 0.8.40 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this XSS vulnerability?
The vulnerability ID for this XSS vulnerability is CVE-2023-23972.
What is the title of this vulnerability?
The title of this vulnerability is Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smplug-in Social Like Box and Page…
What is the affected software for this XSS vulnerability?
The affected software for this XSS vulnerability is Wpdevart Social Like Box And Page plugin version up to and including 0.8.39.
What is the severity of this XSS vulnerability?
The severity of this XSS vulnerability is medium with a CVSS score of 4.8.
How can I fix this XSS vulnerability?
To fix this XSS vulnerability, update your Smplug-in Social Like Box and Page by WpDevArt plugin to a version higher than 0.8.39.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/remedy
- agent/references
- agent/severity
- agent/title
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/wpdevart
- canonical/wpdevart social like box and page
- version/wpdevart social like box and page/0.8.39