CVE-2023-0520

Exploit

EPSS 0.24%
Veröffentlicht 15.05.2023 13:15:09
Zuletzt bearbeitet 24.01.2025 21:15:08
Quelle contact@wpscan.com
CVE-Watchlists
Login
Unerledigt
Login

RapidExpCart <= 1.0 - Stored XSS via CSRF

RapidExpCart <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

RapidExpCart <= 1.0 - Authenticated (Level 8/Administrator+) Stored Cross-Site Scripting

The RapidExpCart WordPress plugin through 1.0 does not sanitize and escape the url parameter in the rapidexpcart endpoint before storing it and outputting it back in the page, leading to a Stored Cross-Site Scripting vulnerability which could be used against high-privilege users such as admin, furthermore lack of csrf protection means an attacker can trick a logged in admin to perform the attack by submitting a hidden form.

Mögliche Gegenmaßnahme

RapidExpCart: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Rapidexp ≫ Rapidexpcart SwPlatformwordpress Version <= 1.0

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt RapidExpCart

Version *-1.0

SystemWordPress Plugin

≫

Produkt RapidExpCart

Version *-1.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.24%	0.147

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.4	2.3	2.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.4	2.3	2.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://wpscan.com/vulnerability/be4f7ff9-af79-477b-9f47-e40e25a3558e

Exploit

https://www.wordfence.com/threat-intel/vulnerabilities/id/52fde632-f3a4-48d5-8c2c-c42b9d20dcb7

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/cc1e480c-577a-467a-8297-747512286a39

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-0520

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-0520

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-0520

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-0520