CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47646 – WordPress Recently viewed and most viewed products Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-47646
07 Nov 2023 — Auth. (Shop Manager+) Stored Cross-Site Scripting (XSS) vulnerability in CedCommerce Recently viewed and most viewed products plugin <= 1.1.1 versions. Vulnerabilidad de Cross-Site Scripting (XSS) autenticada (con permisos de gerente de tienda o superiores) almacenada en el complemento CedCommerce Recently Viewed and Most Viewed Products en versiones <= 1.1.1. The Recently viewed and most viewed products plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in all ver... • https://patchstack.com/database/vulnerability/recently-viewed-and-most-viewed-products/wordpress-recently-viewed-and-most-viewed-products-plugin-1-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •