Description
The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Unknown | WP EasyPay | unaffected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-23713 | The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2025-05-05T16:07:02.998Z
Reserved: 2023-03-17T11:21:32.215Z
Link: CVE-2023-1465
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-08-16T12:15:12.420
Modified: 2025-05-05T16:15:28.367
Link: CVE-2023-1465
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses
No weakness.