CVE-2023-4719
CVSS V2 None
CVSS V3 None
Description
The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `list_type` parameter in versions up to, and including, 4.3.5 due to insufficient input sanitization and output escaping. Using this vulnerability, unauthenticated attackers could inject arbitrary web scripts into pages that are being executed if they can successfully trick a user into taking an action, such as clicking a malicious link.
Overview
- CVE ID
- CVE-2023-4719
- Assigner
- security@wordfence.com
- Vulnerability Status
- Received
- Published Version
- 2023-09-06T02:15:09
- Last Modified Date
- 2023-09-06T02:15:09
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-4719 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4719 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2023-09-06 03:14:30 | Added to TrackCVE | |||
2023-09-06 03:14:34 | Weakness Enumeration | new |