CVE-2023-2399

Summary

The QuBot WordPress plugin before 1.1.6 doesn't filter user input on chat, leading to bad code inserted on it be reflected on the user dashboard.

Affected Software

VendorProductVersion RangeStatus
UnknownQuBot0 < 1.1.6affected

Weaknesses

  • CWE-79 Cross-Site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References