CVE-2023-41127 WordPress Evergreen Content Poster Plugin <= 1.3.6.1 is vulnerable to Cross Site Scripting (XSS)

🗓️ 30 Nov 2023 12:19:01Reported by PatchstackType

WordPress Evergreen Content Poster Plugin vulnerability to stored Cross Site Scriptin

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-41127	20 Dec 202318:12	–	circl
CNNVD	WordPress Plugin Evergreen Content Poster Cross-Site Scripting Vulnerability	30 Nov 202300:00	–	cnnvd
CVE	CVE-2023-41127	30 Nov 202312:19	–	cve
EUVD	EUVD-2023-45646	3 Oct 202520:07	–	euvd
NVD	CVE-2023-41127	30 Nov 202313:15	–	nvd
OSV	CVE-2023-41127	30 Nov 202313:15	–	osv
Patchstack	WordPress Evergreen Content Poster Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)	27 Nov 202300:00	–	patchstack
Prion	Cross site scripting	30 Nov 202313:15	–	prion
RedhatCVE	CVE-2023-41127	23 May 202504:37	–	redhatcve
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (November 27, 2023 to December 3, 2023)	7 Dec 202314:11	–	wordfence

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "evergreen-content-poster",
    "product": "Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media",
    "vendor": "Evergreen Content Poster",
    "versions": [
      {
        "lessThanOrEqual": "1.3.6.1",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/evergreen-content-poster/wordpress-evergreen-content-poster-plugin-1-3-6-1-cross-site-scripting-xss-vulnerability

28 Apr 2026 16:08Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.15.9

EPSS0.00386

CWE-79