First published: Tue Nov 14 2023(Updated: )
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Lavacode Lava Directory Manager plugin <= 1.1.34 versions.
|Affected Software||Affected Version||How to fix|
|Lava-code Lava Directory Manager||<=1.1.34|
CVE-2023-47659 is a vulnerability in the WordPress Lava Directory Manager Plugin version 1.1.34 and below that allows for Cross Site Scripting (XSS) attacks.
The vulnerability CVE-2023-47659 has a severity of medium with a CVSS score of 6.5.
The vulnerability CVE-2023-47659 affects the Lava Directory Manager plugin for WordPress version 1.1.34 and below, allowing for stored Cross-Site Scripting (XSS) attacks.
To fix the vulnerability CVE-2023-47659, it is recommended to update the Lava Directory Manager plugin to a version that is not affected, such as version 1.1.35 or later.
You can find more information about the vulnerability CVE-2023-47659 at the following reference: [link](https://patchstack.com/database/vulnerability/lava-directory-manager/wordpress-lava-directory-manager-plugin-1-1-34-contributor-stored-cross-site-scripting-xss-vulnerability?_s_id=cve)