First published: Mon Nov 20 2023(Updated: )
The Seraphinite Accelerator WordPress plugin before 2.2.29 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
|Affected Software||Affected Version||How to fix|
|S-sols Seraphinite Accelerator||<2.2.29|
CVE-2023-5609 is a vulnerability in the Seraphinite Accelerator WordPress plugin that allows for Reflected Cross-Site Scripting attacks.
CVE-2023-5609 can be used against high privilege users, such as admin, to execute malicious scripts.
The severity of CVE-2023-5609 is medium, with a CVSS score of 6.1.
Seraphinite Accelerator versions before 2.2.29 are affected by CVE-2023-5609.
To fix CVE-2023-5609, users should update the Seraphinite Accelerator plugin to version 2.2.29 or above.