CVE-2023-37993: WordPress wpShopGermany IT-RECHT KANZLEI Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)
First published: Thu Jul 27 2023(Updated: )
Auth. Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany IT-RECHT KANZLEI plugin <= 1.7 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WordPress wpShopGermany IT-RECHT KANZLEI | <1.8 |
Remedy
Update to 1.8 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-37993.
What is the severity level of CVE-2023-37993?
The severity level of CVE-2023-37993 is medium with a value of 4.8.
What is the affected software for CVE-2023-37993?
The affected software for CVE-2023-37993 is wpShopGermany IT-RECHT KANZLEI plugin <= 1.7 versions.
How does CVE-2023-37993 impact websites?
CVE-2023-37993 is an Authenticated Stored Cross-Site Scripting (XSS) vulnerability that allows attackers to inject malicious scripts into web pages viewed by authenticated users, potentially leading to unauthorized actions or data theft.
Is there a patch available for CVE-2023-37993?
Yes, a patch for CVE-2023-37993 is available. You can find more information and download the patch from the reference link.
- agent/type
- agent/severity
- agent/references
- agent/weakness
- agent/remedy
- agent/title
- agent/first-publish-date
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-latest
- collector/nvd-api
- vendor/maennchen1
- canonical/wordpress wpshopgermany it-recht kanzlei