CVE-2023-47549: WordPress EazyDocs Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)
First published: Tue Nov 14 2023(Updated: )
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability on 302 response page in spider-themes EazyDocs plugin <= 2.3.3 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Spider-themes EazyDocs | <=2.3.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of WordPress EazyDocs Plugin?
The vulnerability ID of WordPress EazyDocs Plugin is CVE-2023-47549.
What is the severity of CVE-2023-47549?
The severity of CVE-2023-47549 is medium (6.8).
What is the affected software by CVE-2023-47549?
The affected software by CVE-2023-47549 is Spider-themes Eazydocs plugin version 2.3.3 and lower.
What is the Common Weakness Enumeration (CWE) for CVE-2023-47549?
The Common Weakness Enumeration (CWE) for CVE-2023-47549 is CWE-79.
How can I fix the Cross-Site Scripting (XSS) vulnerability in WordPress EazyDocs Plugin?
To fix the Cross-Site Scripting (XSS) vulnerability in WordPress EazyDocs Plugin, you should update the plugin to a version beyond 2.3.3.
- agent/event
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/weakness
- agent/author
- agent/severity
- agent/title
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/spider-themes
- canonical/spider-themes eazydocs
- version/spider-themes eazydocs/2.3.3