CVSS 3.1 Score 7.1 of 10 (high)


Published Nov 23, 2023
Updated: Nov 28, 2023
CWE ID 352


CVE-2023-47790 is a Cross-Site Request Forgery (CSRF) vulnerability that leads to a Cross-Site Scripting (XSS) vulnerability in Poporon Pz-LinkCard plugin versions 2.4.8 and below. This vulnerability affects various products, including mNHck8, tl96HU, mNHck9, and others. To remediate the vulnerability, users should update to a version of the plugin that is higher than 2.4.8. The potential danger posed by this vulnerability is considered high, with a base severity rating of HIGH and a base score of 7.1 out of 10. It requires user interaction and can potentially lead to unauthorized actions being performed on behalf of the user or the execution of malicious scripts on the affected website.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-47790 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options