CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0276

The Weaver Xtreme Theme Support WordPress plugin before 6.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.1%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2023-0276

Weavertheme » Weaver Xtreme Theme Support » Version: N/A

cpe:2.3:a:weavertheme:weaver_xtreme_theme_support:-
Weavertheme » Weaver Xtreme Theme Support » Version: 0.1

cpe:2.3:a:weavertheme:weaver_xtreme_theme_support:0.1
Weavertheme » Weaver Xtreme Theme Support » Version: 5.0

cpe:2.3:a:weavertheme:weaver_xtreme_theme_support:5.0
Weavertheme » Weaver Xtreme Theme Support » Version: 5.0.2

cpe:2.3:a:weavertheme:weaver_xtreme_theme_support:5.0.2
Weavertheme » Weaver Xtreme Theme Support » Version: 6.1

cpe:2.3:a:weavertheme:weaver_xtreme_theme_support:6.1
Weavertheme » Weaver Xtreme Theme Support » Version: 6.2

cpe:2.3:a:weavertheme:weaver_xtreme_theme_support:6.2
Weavertheme » Weaver Xtreme Theme Support » Version: 6.2.5

cpe:2.3:a:weavertheme:weaver_xtreme_theme_support:6.2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0276

Products

Pricing

Contact Us