WordPress Salient Core Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-48748
7.1HIGH
Summary
The Salient Core plugin by Theme Nectar is susceptible to a reflected Cross-site Scripting (XSS) vulnerability. This flaw allows attackers to inject malicious scripts into web pages, potentially compromising user data and website integrity. Users of Salient Core versions from n/a to 2.0.2 should take immediate action to mitigate this security risk.
Affected Version(s)
Salient Core <= 2.0.2
References
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rafie Muhammad (Patchstack)