CVE-2023-47532 — Cross-site Scripting in WP Crowdfunding

Severity

6.1MEDIUMNVD

CNA5.8

EPSS

0.2%

top 58.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 14

Latest updateMar 18

Description

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum WP Crowdfunding plugin <= 2.1.6 versions.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

▶CVEListV5themeum/wp_crowdfundingn/a — 2.1.6

OSV

restrictedpython vulnerabilities↗2025-03-18

▶

GHSA

GHSA-7p29-xxfq-35jf: Unauth↗2023-11-15

▶

CVEList

WordPress WP Crowdfunding Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)↗2023-11-14

▶