PT-2023-16768 · WordPress · Wp-Optimize+1

Paolo Elia

Publicado

2023-07-10

Atualizado

2025-01-06

CVE-2023-1119

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions WP-Optimize WordPress plugin versions prior to 3.2.13 SrbTransLatin WordPress plugin versions prior to 2.4.1

Description The issue arises from the use of a third-party library that removes escaping on some HTML characters, leading to a cross-site scripting vulnerability. This allows for potential malicious script injection and execution.

Recommendations For WP-Optimize WordPress plugin versions prior to 3.2.13, update to version 3.2.13 or later. For SrbTransLatin WordPress plugin versions prior to 2.4.1, update to version 2.4.1 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-1119

Produtos afetados

Srbtranslatin

Wp-Optimize

PT-2023-16768 · WordPress · Wp-Optimize+1

CVE-2023-1119

Identificadores relacionados

Produtos afetados

Referências · 5