CVE-2023-47527

Summary

CVE-2023-47527 is a vulnerability categorized as CWE-79 (Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting) that affects the WP Edit Username plugin version 1.0.5 and earlier. This vulnerability allows for stored cross-site scripting attacks. The affected products include t9y8aA, t9y8Z7, t9y8Z8, t9y8Z9, t9y8Z-, and t9y8Z_. The base severity of this vulnerability is rated as MEDIUM, with a base score of 5.4 according to NIST's National Vulnerability Database (NVD). The exploitability score is 2.3, indicating a moderate level of difficulty for attackers to exploit the vulnerability. The potential danger to organizations lies in the fact that it requires low privileges and user interaction to be exploited over a network, which can lead to compromised integrity and confidentiality of data. Remediation measures should focus on updating WP Edit Username to a version beyond 1.0.5 or implementing fixes provided by the plugin developer. Note: The paragraph above is generated using the information from the given text while avoiding plagiarism by rephrasing and condensing the content into concise sentences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.