Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2023-0177

🗓️ 13 Feb 2023 15:21:15Reported by WPScanType 
cve
 cve🔗 web.nvd.nist.gov👁 36 Views🌐 WEB

The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 allows stored Cross-Site Scripting attacks

Show more
Related
Detection
Affected
Refs
Paths
Nvd
Vulners
Node
wpdevartsocial_like_box_and_pageRange<0.8.41wordpress
[
  {
    "vendor": "Unknown",
    "product": "Social Like Box and Page by WpDevArt",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "0.8.41"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]
ParameterPositionPathDescriptionCWE
heightnested/wp-content/plugins/wpdevart-social-like-box/shortcode.phpStored Cross-Site Scripting due to improper escaping of shortcode attributes.CWE-79
border_colornested/wp-content/plugins/wpdevart-social-like-box/shortcode.phpStored Cross-Site Scripting due to improper escaping of shortcode attributes.CWE-79
localenested/wp-content/plugins/wpdevart-social-like-box/shortcode.phpStored Cross-Site Scripting due to improper escaping of shortcode attributes.CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
13 Feb 2023 15:15Current
5.3Medium risk
Vulners AI Score5.3
CVSS35.4
EPSS0.00054
SSVC
cve-2023-0177nvdwordpresspluginxsssecurity vulnerability
36
.json
Report