WordPress Plugin Vulnerabilities

Options for Twenty Seventeen < 2.5.1 - Contributor+ Stored Cross-Site Scripting

Description

The plugin does not properly sanitize user-supplied input nor escape output for the 'social-links' shortcode. This leads to a Stored Cross-Site Scripting vulnerability, where an authenticated user with contributor-level permissions can inject arbitrary web scripts that execute whenever a page is accessed.

Affects Plugins

Plugin icon
options-for-twenty-seventeen
Fixed in 2.5.1

References

CVE
CVE-2023-5162
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/df35d8c6-55ec-4cf5-8055-93ec5193c0a4

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.4 (medium)

Miscellaneous

Original Researcher
Lana Codes
Verified
No
WPVDB ID
1f98aee4-9dae-4f00-a474-eeab29e9a917

Timeline

Publicly Published
2023-09-25 (about 2 years ago)
Added
2023-09-26 (about 2 years ago)
Last Updated
2023-09-26 (about 2 years ago)

Other

Published
Title
Published
2017-04-05
Title
Download WordPress Firewall 2 - Authenticated Stored XSS/CSRF
Published
2025-10-21
Title
Simple Business Data <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2024-11-13
Title
ReConstruction <= 1.4.7 - Reflected Cross-Site Scripting
Published
2021-09-27
Title
WooCommerce Product Table Lite < 2.4.0 - Reflected Cross-Site Scripting
Published
2024-05-03
Title
Folders Pro < 3.0.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting via User First Name and Last Name