CVE-2023-47517

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Nov 14, 2023
Updated: Nov 21, 2023
CWE ID 79

Summary

CVE-2023-47517 is an Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability found in the SendPress Newsletters plugin versions 1.23.11.6 and below. The vulnerability affects a wide range of products, including various versions of the plugin as well as related components. Remediation for this vulnerability is not mentioned in the provided information, but patching or updating to a secure version of the plugin would likely be recommended. The potential danger this vulnerability poses to an organization is high, as it allows an attacker to inject malicious code into web pages viewed by users, potentially leading to unauthorized access, data theft, or further exploitation of the affected system.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-47517 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options