CVE-2023-47239: WordPress Easy PayPal Shopping Cart Plugin <= 1.1.10 is vulnerable to Cross Site Scripting (XSS)
First published: Thu Nov 16 2023(Updated: )
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Scott Paterson Easy PayPal Shopping Cart plugin <= 1.1.10 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wpplugin Easy Paypal Shopping Cart | <=1.1.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-47239?
CVE-2023-47239 is a vulnerability in the WordPress Easy PayPal Shopping Cart Plugin version <= 1.1.10 that allows for Cross Site Scripting (XSS).
How severe is the CVE-2023-47239 vulnerability?
The severity of the CVE-2023-47239 vulnerability is medium, with a CVSS score of 6.5.
What is Cross Site Scripting (XSS)?
Cross Site Scripting (XSS) is a web application vulnerability that allows attackers to inject malicious scripts into web pages viewed by users.
What is the affected software version for CVE-2023-47239?
The affected software version for CVE-2023-47239 is the WordPress Easy PayPal Shopping Cart Plugin version <= 1.1.10.
Is there a fix for CVE-2023-47239?
Yes, it is recommended to update to a version of the WordPress Easy PayPal Shopping Cart Plugin that is higher than 1.1.10 to fix CVE-2023-47239.
- collector/mitre-cve
- collector/nvd-api
- vendor/wpplugin
- product/easy paypal shopping cart
- canonical/wpplugin easy paypal shopping cart