CVE-2023-44230: WordPress Popup contact form Plugin <= 7.1 is vulnerable to Cross Site Scripting (XSS)
First published: Mon Oct 02 2023(Updated: )
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions.
Credit: audit@patchstack.com audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Gopiplus Popup Contact Form | <=7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-44230?
CVE-2023-44230 is an authentication (admin+) stored Cross-Site Scripting (XSS) vulnerability in the Gopi Ramasamy Popup contact form plugin version 7.1 and below.
What is the severity of CVE-2023-44230?
The severity of CVE-2023-44230 is medium, with a severity value of 4.8.
How does CVE-2023-44230 affect the Gopi Ramasamy Popup contact form plugin?
CVE-2023-44230 affects the Gopi Ramasamy Popup contact form plugin version 7.1 and below, allowing stored Cross-Site Scripting (XSS) attacks.
Is there a fix available for CVE-2023-44230?
Yes, a fix is available for CVE-2023-44230. It is recommended to update the Gopi Ramasamy Popup contact form plugin to a version higher than 7.1.
Where can I find more information about CVE-2023-44230?
More information about CVE-2023-44230 can be found at the following reference: [https://patchstack.com/database/vulnerability/popup-contact-form/wordpress-popup-contact-form-plugin-7-1-cross-site-scripting-xss-2?_s_id=cve].
- collector/nvd-api
- collector/nvd-index
- agent/type
- agent/author
- agent/softwarecombine
- agent/title
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- vendor/gopiplus
- canonical/gopiplus popup contact form
- version/gopiplus popup contact form/7.1