Greenshift < 5.0.0 – Author+ Stored XSS | CVE 2023-22707

Affects Plugins

greenshift-animation-and-page-builder-blocks

Fixed in 5.0.0

References

CVE

CVE-2023-22707

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

6.8 (medium)

Miscellaneous

Original Researcher

n0paew

Verified

No

WPVDB ID

c01e5914-460c-40de-a45c-9fc870402eb6

Timeline

Publicly Published

2023-03-27 (about 3 years ago)

Added

2023-03-27 (about 3 years ago)

Last Updated

2023-03-27 (about 3 years ago)

Other

Published

Title

Published

2025-11-17

Title

Photonic Gallery & Lightbox for Flickr, SmugMug & Others < 3.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via Caption Attribute

Published

2024-07-01

Title

The Post Grid < 7.7.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via section title tag

Published

2026-01-10

Title

Landing Page Builder < 1.5.3.5 - Authenticated (Author+) Stored Cross-Site Scripting

Published

2026-02-04

Title

Dynamic Widget Content < 1.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Content Field

Published

2019-05-15

Title

Give < 2.4.7 - Stored XSS