CVSS 3.1 Score 5.9 of 10 (medium)


Published Dec 15, 2023
Updated: Dec 19, 2023


CVE-2023-49180 is a vulnerability categorized as CWE-79, which refers to the improper neutralization of input during web page generation (cross-site scripting). This vulnerability affects the Automatic Youtube Video Posts Plugin by Ternstyle LLC, specifically versions from n/a through 5.2.2. The vulnerability allows for stored cross-site scripting (XSS) attacks. The base severity of this vulnerability is medium, with a base score of 5.9 according to the CVSS:3.1 rating. It requires high privileges and user interaction to exploit, and its impact on integrity and confidentiality is low. Organizations using this plugin are advised to update it to the latest version in order to remediate the vulnerability and reduce potential risks to their systems and data.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-49180 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options