CVE-2023-46075

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Oct 26, 2023
Updated: Nov 3, 2023
CWE ID 79

Summary

CVE-2023-46075 is a newly identified vulnerability affecting the wpdevart Contact Form Builder and Contact Widget plugin versions 2.1.6 and below. This issue permits an unauthenticated attacker to execute Reflected Cross-Site Scripting (XSS) attacks through specially crafted input. Successful exploitation could lead to the hijacking of user sessions, data theft, or unintended functionality execution. Users are advised to update their plugins to the latest available version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share