First published: Tue Nov 14 2023(Updated: )
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.23.11.6 versions.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pressified Sendpress | <=1.23.11.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-47517.
The severity level of CVE-2023-47517 is high with a CVSS score of 7.1.
The affected software is the SendPress Newsletters plugin version 1.23.11.6 for WordPress.
The vulnerability is an unauthenticated reflected Cross-Site Scripting (XSS) vulnerability in the SendPress Newsletters plugin version 1.23.11.6 for WordPress.
To fix this vulnerability, update the SendPress Newsletters plugin to a version higher than 1.23.11.6.