First published: Tue Nov 14 2023(Updated: )
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Feed plugin <= 2.2.1 versions.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Photofeed Photo Feed | <=2.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-47522 is a vulnerability found in the WordPress Photo Feed Plugin, allowing for Cross Site Scripting (XSS).
CVE-2023-47522 is considered high severity with a CVSS score of 7.1.
The affected software is the Photo Feed plugin version <= 2.2.1 for WordPress.
The CWE-ID of CVE-2023-47522 is 79, which stands for Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
To fix CVE-2023-47522, you should update the Photo Feed plugin to a version higher than 2.2.1.