CVE-2023-44265: WordPress Popup contact form Plugin <= 7.1 is vulnerable to Cross Site Scripting (XSS)
First published: Mon Oct 02 2023(Updated: )
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions.
Credit: audit@patchstack.com audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Gopiplus Popup Contact Form | <=7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-44265.
What is the severity level of CVE-2023-44265?
The severity level of CVE-2023-44265 is medium.
What is the affected software by CVE-2023-44265?
The affected software by CVE-2023-44265 is Gopi Ramasamy Popup contact form plugin version <= 7.1 for WordPress.
What is the Common Weakness Enumeration (CWE) ID associated with CVE-2023-44265?
The CWE ID associated with CVE-2023-44265 is CWE-79 (Cross-Site Scripting).
Are there any patches or fixes available for CVE-2023-44265?
Yes, patches or fixes are available. You can find more information at https://patchstack.com/database/vulnerability/popup-contact-form/wordpress-popup-contact-form-plugin-7-1-cross-site-scripting-xss?_s_id=cve
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- agent/title
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- vendor/gopiplus
- canonical/gopiplus popup contact form
- version/gopiplus popup contact form/7.1