CVE-2023-47854: WordPress Parallax Image Plugin <= 1.7.1 is vulnerable to Cross Site Scripting (XSS)
First published: Thu Nov 30 2023(Updated: )
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Howard Ehrenberg Parallax Image allows Stored XSS.This issue affects Parallax Image: from n/a through 1.7.1.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Howardehrenberg Parallax Image | <=1.7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-47854?
The severity of CVE-2023-47854 is medium.
What is the vulnerability in WordPress Parallax Image Plugin?
The vulnerability in WordPress Parallax Image Plugin is an improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability, also known as XSS.
How does the vulnerability in WordPress Parallax Image Plugin affect the software?
The vulnerability affects Parallax Image Plugin version up to and including 1.7.1.
How can the vulnerability be exploited?
The vulnerability can be exploited by injecting malicious script code into a website that uses the Parallax Image Plugin.
Is there a patch available for the vulnerability in WordPress Parallax Image Plugin?
Yes, a patch is available for the vulnerability in WordPress Parallax Image Plugin. You can find more information and the patch at the provided reference link.
- collector/nvd-api
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/title
- agent/references
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/howardehrenberg
- canonical/howardehrenberg parallax image
- version/howardehrenberg parallax image/1.7.1