First published: Tue Oct 17 2023(Updated: )
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions.
Credit: audit@patchstack.com audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pluginus Wolf - Wordpress Posts Bulk Editor And Products Manager Professional | <1.0.7.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-44990 is medium with a score of 5.9.
CVE-2023-44990 is a stored Cross-Site Scripting (XSS) vulnerability that affects the realmag777 WOLF plugin versions <= 1.0.7.1.
CVE-2023-44990 can be exploited by authenticated administrators or users with higher privileges in the realmag777 WOLF plugin.
The Common Weakness Enumeration (CWE) for CVE-2023-44990 is CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).
To fix CVE-2023-44990, it is recommended to update the realmag777 WOLF plugin to version 1.0.7.2 or higher.