CVE-2023-46313
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2023-46313 is a newly disclosed Cross-Site Scripting (XSS) vulnerability affecting versions 7.3.4 and below of the Katie Seaborn Zotpress plugin. Attackers can exploit this unauthenticated reflection XSS issue to inject malicious code into a victim's webpage. Successful exploitation could potentially lead to user session hijacking or data theft, posing a significant threat to the security of WordPress websites using the vulnerable plugin version. Users are strongly urged to update to the latest, secure plugin version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.