The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/2e78735a-a7fc-41fe-8284-45bf451eff06 | Exploit Third Party Advisory |
https://wpscan.com/vulnerability/2e78735a-a7fc-41fe-8284-45bf451eff06 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:38
Type | Values Removed | Values Added |
---|---|---|
References | () https://wpscan.com/vulnerability/2e78735a-a7fc-41fe-8284-45bf451eff06 - Exploit, Third Party Advisory |
14 Aug 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary | The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability. |
17 Jul 2023, 18:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:updraftplus:wp-optimize:*:*:*:*:*:wordpress:*:* cpe:2.3:a:srbtranslatin_project:srbtranslatin:*:*:*:*:*:wordpress:*:* |
|
References | (MISC) https://wpscan.com/vulnerability/2e78735a-a7fc-41fe-8284-45bf451eff06 - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
10 Jul 2023, 16:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-10 16:15
Updated : 2024-11-21 07:38
NVD link : CVE-2023-1119
Mitre link : CVE-2023-1119
CVE.ORG link : CVE-2023-1119
JSON object : View
Products Affected
updraftplus
- wp-optimize
srbtranslatin_project
- srbtranslatin
CWE
No CWE.