CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-0212

The Advanced Recent Posts WordPress plugin through 0.6.14 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.7%

CVSS Severity

CVSS v3 Score 5.4

References

https://wpscan.com/vulnerability/5fdd44aa-7f3f-423a-9fb0-dc9dc36f33a3
https://wpscan.com/vulnerability/5fdd44aa-7f3f-423a-9fb0-dc9dc36f33a3

Products affected by CVE-2023-0212

Advanced Recent Posts Project » Advanced Recent Posts » Version: N/A

cpe:2.3:a:advanced_recent_posts_project:advanced_recent_posts:-
Advanced Recent Posts Project » Advanced Recent Posts » Version: 0.6.14

cpe:2.3:a:advanced_recent_posts_project:advanced_recent_posts:0.6.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0212

Products

Pricing

Contact Us