CVSS Score of 10 (low)


Published Jun 13, 2023
Updated: Jun 23, 2023


CVE-2023-25978 is an authorization-related stored Cross-Site Scripting (XSS) vulnerability found in the Nate Reist Protected Posts Logout Button plugin versions 1.4.5 and earlier. This vulnerability has a medium base severity score of 4.8 and a high required privilege level for exploitation. It can be exploited over a network and requires user interaction. The impact of this vulnerability on confidentiality and integrity is low, with no availability impact. To remediate this vulnerability, organizations using affected versions of the plugin should update to a version that includes a fix for the XSS vulnerability. The potential danger to an organization includes the risk of malicious actors executing arbitrary script code on affected systems, potentially leading to information theft or manipulation on web pages generated by the plugin.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-25978 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options