CVE-2023-47546: WordPress OneClick Chat to Order Plugin <= 1.0.4.2 is vulnerable to Cross Site Scripting (XSS)
First published: Tue Nov 14 2023(Updated: )
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Walter Pinem OneClick Chat to Order plugin <= 1.0.4.2 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Walterpinem Oneclick Chat To Order | <=1.0.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-47546?
CVE-2023-47546 is a vulnerability in the WordPress OneClick Chat to Order Plugin version <= 1.0.4.2 that allows for Cross Site Scripting (XSS).
What is the severity of CVE-2023-47546?
The severity of CVE-2023-47546 is medium, with a severity value of 5.9.
How does CVE-2023-47546 affect me?
If you are using the affected version of the OneClick Chat to Order Plugin, your website may be vulnerable to Cross Site Scripting attacks.
How do I fix CVE-2023-47546?
To fix CVE-2023-47546, you should update the plugin to a version that is not affected by the vulnerability.
Where can I find more information about CVE-2023-47546?
You can find more information about CVE-2023-47546 at the following reference: [link](https://patchstack.com/database/vulnerability/oneclick-whatsapp-order/wordpress-oneclick-chat-to-order-plugin-1-0-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve)
- collector/mitre-cve
- collector/nvd-api
- vendor/walterpinem
- canonical/walterpinem oneclick chat to order
- version/walterpinem oneclick chat to order/1.0.4.2