CVE-2023-40675

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Sep 27, 2023
Updated: Sep 28, 2023
CWE ID 79

Summary

CVE-2023-40675 is a Cross-Site Scripting (XSS) vulnerability found in the PluginOps Landing Page Builder plugin versions 1.5.1.2 and earlier. This vulnerability affects a wide range of products identified by the codes pzlRWf, pzlRWe, pzlRWd, and others. The risk score for this vulnerability is 25, indicating a medium severity level. The exploitability score is 1.7, and high privileges are required for successful exploitation. User interaction is also required, and the attack vector is through the network. The potential impact includes low integrity and confidentiality impacts with a base score of 5.9. It is recommended to update the affected plugin to a patched version to remediate this vulnerability and prevent potential malicious attacks on an organization's web pages or applications.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-40675 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options