CVSS 3.1 Score 4.8 of 10 (medium)


Published Nov 20, 2023
Updated: Nov 27, 2023


CVE-2023-5343 is a vulnerability found in the Popup box WordPress plugin before version 3.7.9. This plugin does not properly sanitize and escape certain settings, which can allow high privilege users, including administrators, to carry out Cross-Site Scripting (XSS) attacks even when the unfiltered_html option is disabled. It affects various products within the tUi2z and jZdQv series, as well as the jbkPN and jZdQx series. To remediate this vulnerability, users should update the Popup box plugin to version 3.7.9 or later. The potential danger posed by this vulnerability is considered medium, with a base severity score of 4.8 out of 10 and an impact score of 2.7 out of 10 according to CVSS:3.1 standards.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5343 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options