CVSS Score of 10 (low)


Published Jun 19, 2023
Updated: Jun 27, 2023


CVE-2023-35776 is a Cross-Site Scripting (XSS) vulnerability found in versions <= 1.0.0 of the Beplus Sermon'e – Sermons Online plugin. This vulnerability affects the ryumCB product. The vulnerability allows for unauthorized individuals with contributor or higher access to inject malicious code into the plugin, potentially compromising the security of the website. To remediate this vulnerability, users should update their plugin to a version that is not affected by the issue. The potential danger of this vulnerability lies in the ability for attackers to execute arbitrary scripts in a victim's browser, leading to various types of attacks such as session hijacking or defacement of web pages.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-35776 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options