CVE-2023-5057

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Oct 16, 2023
Updated: Nov 7, 2023
CWE ID 79

Summary

CVE-2023-5057 is a vulnerability found in the ActivityPub WordPress plugin before version 1.0.0. This vulnerability allows users with a role of Contributor and above to perform Stored Cross-Site Scripting (XSS) attacks. It affects multiple products, including tE1izQ, tE1izN, tE1izM, tE1izP, tE1izO, and others. The risk score for this vulnerability is 25. The base severity is rated as MEDIUM with a base score of 5.4 according to the National Vulnerability Database (NVD). The exploitability score is 2.3, indicating a relatively low level of difficulty in exploiting this vulnerability. The potential danger it poses to an organization includes the risk of unauthorized code execution or manipulation leading to possible data breaches or other malicious activities. To remediate this vulnerability, users should update the ActivityPub WordPress plugin to version 1.0.0 or later.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5057 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options