CVSS 3.1 Score 5.9 of 10 (medium)


Published Sep 6, 2023
Updated: Sep 8, 2023


CVE-2023-40560 is a vulnerability categorized as a secondary cyber vulnerability. It is an authentication (admin+) stored cross-site scripting (XSS) vulnerability found in the Greg Ross Schedule Posts Calendar plugin versions <= 5.2. The vulnerability affects multiple products, including s-pbLO, s-pbLP, s-pbLM, s-pbLN, s-pbLc, s-pbLd, s-pbLa, s-pbLb, s-pbLY, s-pbLZ, s-pbLW, s-pbLX, s-pbLU, s-pbLV, s-pbLS, s-pbLT, and s-pbLR. The risk score assigned to this vulnerability is 26. Remediation steps to address the issue are not provided in the information provided. The potential danger posed by this vulnerability to an organization includes the risk of unauthorized access or manipulation of stored data and potential injection of malicious scripts leading to further attacks on users visiting the affected website or application.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-40560 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options