CVE-2023-48746: WordPress Community by PeepSo Plugin <= 6.2.6.0 is vulnerable to Cross Site Scripting (XSS)
First published: Thu Nov 30 2023(Updated: )
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Reflected XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User Profiles: from n/a through 6.2.6.0.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Peepso Peepso | <=6.2.6.0 |
Remedy
Update to 6.2.7.0 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for the WordPress Community by PeepSo Plugin vulnerability?
The vulnerability ID is CVE-2023-48746.
What is the severity of CVE-2023-48746?
The severity of CVE-2023-48746 is high with a CVSS score of 7.1.
How does CVE-2023-48746 impact the PeepSo Community by PeepSo - Social Network, Membership, Registration, User Profiles plugin?
CVE-2023-48746 allows for reflected Cross-Site Scripting (XSS) attacks in the PeepSo Community plugin.
What is the affected software version for CVE-2023-48746?
The affected software version for CVE-2023-48746 is PeepSo Community by PeepSo Plugin version 6.2.6.0.
How can I fix the CVE-2023-48746 vulnerability in WordPress Community by PeepSo Plugin?
To fix the CVE-2023-48746 vulnerability, update the PeepSo Community by PeepSo Plugin to a version higher than 6.2.6.0.
- collector/nvd-api
- agent/severity
- agent/title
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/peepso
- canonical/peepso peepso
- version/peepso peepso/6.2.6.0