CVE-2023-46075
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Published Oct 26, 2023
Updated: Nov 3, 2023
CWE ID 79
Summary
CVE-2023-46075 is a newly identified vulnerability affecting the wpdevart Contact Form Builder and Contact Widget plugin versions 2.1.6 and below. This issue permits an unauthenticated attacker to execute Reflected Cross-Site Scripting (XSS) attacks through specially crafted input. Successful exploitation could lead to the hijacking of user sessions, data theft, or unintended functionality execution. Users are advised to update their plugins to the latest available version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share