CVE-2023-28622: WordPress Easy Slider Revolution Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
First published: Thu Aug 17 2023(Updated: )
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Slider Revolution | <=1.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-28622.
What is the severity of CVE-2023-28622?
The severity of CVE-2023-28622 is medium with a CVSS score of 5.9.
What is the affected software for CVE-2023-28622?
The affected software for CVE-2023-28622 is Trident Technolabs Easy Slider Revolution plugin version 1.0.0 and below.
What is the Common Weakness Enumeration (CWE) ID for CVE-2023-28622?
The Common Weakness Enumeration (CWE) ID for CVE-2023-28622 is CWE-79.
How do I fix CVE-2023-28622?
To fix CVE-2023-28622, update Trident Technolabs Easy Slider Revolution plugin to a version higher than 1.0.0.
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/title
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- vendor/tridenttechnolabs
- canonical/slider revolution
- version/slider revolution/1.0.0