CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0076

The Download Attachments WordPress plugin before 1.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.4%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2023-0076

Dfactory » Download Attachments » Version: N/A

cpe:2.3:a:dfactory:download_attachments:-
Dfactory » Download Attachments » Version: 1.0.0

cpe:2.3:a:dfactory:download_attachments:1.0.0
Dfactory » Download Attachments » Version: 1.0.0.1

cpe:2.3:a:dfactory:download_attachments:1.0.0.1
Dfactory » Download Attachments » Version: 1.0.1

cpe:2.3:a:dfactory:download_attachments:1.0.1
Dfactory » Download Attachments » Version: 1.0.10

cpe:2.3:a:dfactory:download_attachments:1.0.10
Dfactory » Download Attachments » Version: 1.0.2.1

cpe:2.3:a:dfactory:download_attachments:1.0.2.1
Dfactory » Download Attachments » Version: 1.0.3

cpe:2.3:a:dfactory:download_attachments:1.0.3
Dfactory » Download Attachments » Version: 1.0.4

cpe:2.3:a:dfactory:download_attachments:1.0.4
Dfactory » Download Attachments » Version: 1.0.5

cpe:2.3:a:dfactory:download_attachments:1.0.5
Dfactory » Download Attachments » Version: 1.0.6

cpe:2.3:a:dfactory:download_attachments:1.0.6
Dfactory » Download Attachments » Version: 1.0.7

cpe:2.3:a:dfactory:download_attachments:1.0.7
Dfactory » Download Attachments » Version: 1.0.8

cpe:2.3:a:dfactory:download_attachments:1.0.8
Dfactory » Download Attachments » Version: 1.0.9

cpe:2.3:a:dfactory:download_attachments:1.0.9
Dfactory » Download Attachments » Version: 1.1.0

cpe:2.3:a:dfactory:download_attachments:1.1.0
Dfactory » Download Attachments » Version: 1.1.1

cpe:2.3:a:dfactory:download_attachments:1.1.1
Dfactory » Download Attachments » Version: 1.2.0

cpe:2.3:a:dfactory:download_attachments:1.2.0
Dfactory » Download Attachments » Version: 1.2.1

cpe:2.3:a:dfactory:download_attachments:1.2.1
Dfactory » Download Attachments » Version: 1.2.10

cpe:2.3:a:dfactory:download_attachments:1.2.10
Dfactory » Download Attachments » Version: 1.2.11

cpe:2.3:a:dfactory:download_attachments:1.2.11
Dfactory » Download Attachments » Version: 1.2.12

cpe:2.3:a:dfactory:download_attachments:1.2.12
Dfactory » Download Attachments » Version: 1.2.13

cpe:2.3:a:dfactory:download_attachments:1.2.13
Dfactory » Download Attachments » Version: 1.2.14

cpe:2.3:a:dfactory:download_attachments:1.2.14
Dfactory » Download Attachments » Version: 1.2.15

cpe:2.3:a:dfactory:download_attachments:1.2.15
Dfactory » Download Attachments » Version: 1.2.16

cpe:2.3:a:dfactory:download_attachments:1.2.16
Dfactory » Download Attachments » Version: 1.2.17

cpe:2.3:a:dfactory:download_attachments:1.2.17
Dfactory » Download Attachments » Version: 1.2.18

cpe:2.3:a:dfactory:download_attachments:1.2.18
Dfactory » Download Attachments » Version: 1.2.19

cpe:2.3:a:dfactory:download_attachments:1.2.19
Dfactory » Download Attachments » Version: 1.2.2

cpe:2.3:a:dfactory:download_attachments:1.2.2
Dfactory » Download Attachments » Version: 1.2.20

cpe:2.3:a:dfactory:download_attachments:1.2.20
Dfactory » Download Attachments » Version: 1.2.21

cpe:2.3:a:dfactory:download_attachments:1.2.21
Dfactory » Download Attachments » Version: 1.2.22

cpe:2.3:a:dfactory:download_attachments:1.2.22
Dfactory » Download Attachments » Version: 1.2.23

cpe:2.3:a:dfactory:download_attachments:1.2.23
Dfactory » Download Attachments » Version: 1.2.3

cpe:2.3:a:dfactory:download_attachments:1.2.3
Dfactory » Download Attachments » Version: 1.2.4

cpe:2.3:a:dfactory:download_attachments:1.2.4
Dfactory » Download Attachments » Version: 1.2.5

cpe:2.3:a:dfactory:download_attachments:1.2.5
Dfactory » Download Attachments » Version: 1.2.6

cpe:2.3:a:dfactory:download_attachments:1.2.6
Dfactory » Download Attachments » Version: 1.2.7

cpe:2.3:a:dfactory:download_attachments:1.2.7
Dfactory » Download Attachments » Version: 1.2.8

cpe:2.3:a:dfactory:download_attachments:1.2.8
Dfactory » Download Attachments » Version: 1.2.9

cpe:2.3:a:dfactory:download_attachments:1.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0076

Products

Pricing

Contact Us