CVE-2023-51685Cross-site Scripting in Apps WP Review Slider

CWE-79Cross-site Scripting3 documents3 sources
Severity
4.8MEDIUMNVD
CNA5.9
EPSS
0.1%
top 81.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LJ Apps WP Review SliderLjapps WP Review Slider
Timeline
PublishedFeb 1

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LJ Apps WP Review Slider allows Stored XSS.This issue affects WP Review Slider: from n/a through 12.7.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:NExploitability: 1.7 | Impact: 2.7

Affected Packages2 packages

CVEListV5lj_apps/wp_review_slidern/a12.7

🔴Vulnerability Details

2
GHSA
GHSA-x5rp-83c9-9fm7: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LJ Apps WP Review Slider allows Stored XSS2024-02-01
CVEList
WordPress WP Review Slider Plugin <= 12.7 is vulnerable to Cross Site Scripting (XSS)2024-02-01
CVE-2023-51685 — Cross-site Scripting | cvebase