CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2023-38000 – Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block
https://notcve.org/view.php?id=CVE-2023-38000
12 Oct 2023 — Auth. Stored (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin <= 16.8.0 versions. Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en WordPress core 6.3 a 6.3.1, de 6.2 a 6.2.2, de 6.1 a 6.1.3, de 6.0 a 6.0.5, de 5.9 a 5.9.7 y versiones del complemento Gutenberg en versiones <= 16.8.0.... • https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •