CVE-2023-5334
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2023-5334: A critical vulnerability affects the WP Responsive header image slider plugin for WordPress. This issue, which impacts versions up to and including 3.2.1, allows authenticated attackers with contributor-level permissions or higher to execute arbitrary web scripts. The vulnerability stems from insufficient input sanitization and output escaping on user-supplied attributes within the 'sp_responsiveslider' shortcode. As a result, an attacker can inject malicious code that will execute whenever a user accesses an injected page, posing a significant security risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.