Vulnerability Details CVE-2023-25710
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DIGITALBLUE Click to Call or Chat Buttons plugin <= 1.4.0 versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.2%
CVSS Severity
CVSS v3 Score 5.9
References
- https://patchstack.com/database/vulnerability/click-to-call-or-chat-buttons/wordpress-click-to-call-or-chat-buttons-plugin-1-4-0-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/click-to-call-or-chat-buttons/wordpress-click-to-call-or-chat-buttons-plugin-1-4-0-cross-site-scripting-xss-vulnerability?_s_id=cve
Products affected by CVE-2023-25710
-
cpe:2.3:a:digitalblue:click_to_call_or_chat_buttons:1.0.0
-
cpe:2.3:a:digitalblue:click_to_call_or_chat_buttons:1.1.0
-
cpe:2.3:a:digitalblue:click_to_call_or_chat_buttons:1.2.0
-
cpe:2.3:a:digitalblue:click_to_call_or_chat_buttons:1.3.0
-
cpe:2.3:a:digitalblue:click_to_call_or_chat_buttons:1.4.0