CVSS Score of 10 (low)


Published Jul 17, 2023
Updated: Nov 7, 2023


The vulnerability with the CVE ID CVE-2023-3041 affects the Autochat Automatic Conversation WordPress plugin through version 1.1.7. It is a cross-site scripting (XSS) attack caused by the plugin not properly sanitizing and escaping user input before displaying it on the page. This vulnerability has a base severity of "MEDIUM" and a CVSS score of 6.1 out of 10. It does not require any privileges for exploitation but does require user interaction. The affected products include various versions of Autochat Automatic Conversation WordPress plugin (sG6YmC, sG6YmD, sG6YmA, sG6YmB, sG6YmG, sG6YmH, sG6YmE, sG6YmF, sG6YmK, sG6YmL, sG6YmI, sG6YmJ, sG6YmO, sG6YmP, sG6YmM, and sG6YmN). Organizations should apply a patch or update to the latest version of the plugin to remediate this vulnerability and prevent potential malicious attacks exploiting this flaw.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-3041 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options