CVE-2023-0175

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-0175
The Responsive Clients Logo Gallery Plugin for WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

5.4 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://wpscan.com/vulnerability/cdcd3c2c-cb29-4b21-8d3d-7eafbc1d3098 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.0:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.3:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.4:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.5:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.6:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.7:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.8:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.9:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.0:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.3:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.4:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.5:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.6:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.7:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.8:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.9:*:*:*:*:wordpress:*:*
History

07 Nov 2023, 03:59

Type Values Removed Values Added
CWE CWE-79
Information

Published : 2023-03-20 16:15

Updated : 2024-02-28 20:13

NVD link : CVE-2023-0175

Mitre link : CVE-2023-0175

CVE.ORG link : CVE-2023-0175

JSON object : View

Products Affected

accesspressthemes

  • smart_logo_showcase_lite
CWE

No CWE.