CVE-2023-5668

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Oct 20, 2023
Updated: Nov 7, 2023
CWE ID 79

Summary

CVE-2023-5668 is a vulnerability found in the WhatsApp Share Button plugin for WordPress, affecting all versions up to and including 1.0.1. The vulnerability allows authenticated attackers with contributor-level permissions or higher to inject arbitrary web scripts using the plugin's 'whatsapp' shortcode. This can lead to stored cross-site scripting (XSS) attacks, where malicious scripts are executed when users access the injected pages. The vulnerability is categorized as medium severity with a CVSS score of 5.4. Remediation of this vulnerability involves updating the plugin to a version that includes input sanitization and output escaping to prevent XSS attacks.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5668 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options