CVE-2023-47239: WordPress Easy PayPal Shopping Cart Plugin <= 1.1.10 is vulnerable to Cross Site Scripting (XSS)
First published: Thu Nov 16 2023(Updated: )
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Scott Paterson Easy PayPal Shopping Cart plugin <= 1.1.10 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Easy PayPal Shopping Cart | <=1.1.10 |
Remedy
Update to 1.1.11 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-47239?
CVE-2023-47239 is a vulnerability in the WordPress Easy PayPal Shopping Cart Plugin version <= 1.1.10 that allows for Cross Site Scripting (XSS).
How severe is the CVE-2023-47239 vulnerability?
The severity of the CVE-2023-47239 vulnerability is medium, with a CVSS score of 6.5.
What is Cross Site Scripting (XSS)?
Cross Site Scripting (XSS) is a web application vulnerability that allows attackers to inject malicious scripts into web pages viewed by users.
What is the affected software version for CVE-2023-47239?
The affected software version for CVE-2023-47239 is the WordPress Easy PayPal Shopping Cart Plugin version <= 1.1.10.
Is there a fix for CVE-2023-47239?
Yes, it is recommended to update to a version of the WordPress Easy PayPal Shopping Cart Plugin that is higher than 1.1.10 to fix CVE-2023-47239.
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/author
- agent/title
- agent/weakness
- agent/description
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/wpplugin
- canonical/easy paypal shopping cart
- version/easy paypal shopping cart/1.1.10