CVE-2023-2813 : Multiple Themes - Reflected XSS

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2023-2813 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

Multiple Themes - Reflected XSS

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before 1.8.6, Brain Power WordPress theme through 1.2, BunnyPressLite WordPress theme before 2.1, Cafe Bistro WordPress theme before 1.1.4, College WordPress theme before 1.5.1, Connections Reloaded WordPress theme through 3.1, Counterpoint WordPress theme through 1.8.1, Digitally WordPress theme through 1.0.8, Directory WordPress theme before 3.0.2, Drop WordPress theme before 1.22, Everse WordPress theme before 1.2.4, Fashionable Store WordPress theme through 1.3.4, Fullbase WordPress theme before 1.2.1, Ilex WordPress theme before 1.4.2, Js O3 Lite WordPress theme through 1.5.8.2, Js Paper WordPress theme through 2.5.7, Kata WordPress theme before 1.2.9, Kata App WordPress theme through 1.0.5, Kata Business WordPress theme through 1.0.2, Looki Lite WordPress theme before 1.3.0, moseter WordPress theme through 1.3.1, Nokke WordPress theme before 1.2.4, Nothing Personal WordPress theme through 1.0.7, Offset Writing WordPress theme through 1.2, Opor Ayam WordPress theme through 18, Pinzolo WordPress theme before 1.2.10, Plato WordPress theme before 1.1.9, Polka Dots WordPress theme through 1.2, Purity Of Soul WordPress theme through 1.9, Restaurant PT WordPress theme before 1.1.3, Saul WordPress theme before 1.1.0, Sean Lite WordPress theme before 1.4.6, Tantyyellow WordPress theme through 1.0.0.5, TIJAJI WordPress theme through 1.43, Tiki Time WordPress theme through 1.3, Tuaug4 WordPress theme through 1.4, Tydskrif WordPress theme through 1.1.3, UltraLight WordPress theme through 1.2, Venice Lite WordPress theme before 1.5.5, Viala WordPress theme through 1.3.1, viburno WordPress theme before 1.3.2, Wedding Bride WordPress theme before 1.0.2, Wlow WordPress theme before 1.2.7 suffer from the same issue about the search box reflecting the results causing XSS which allows an unauthenticated attacker to exploit against users if they click a malicious link.

来源: 美国国家漏洞数据库 NVD

CVSS Information

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

WordPress 多款主题跨站脚本漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress 多款主题存在跨站脚本漏洞，该漏洞源于存在反射型跨站脚本漏洞。

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE
Unknown	Aapna	0 ~ 1.3	-
Unknown	Anand	0 ~ 1.2	-
Unknown	Anfaust	0 ~ 1.1	-
Unknown	Arendelle	0 ~ 1.1.13	-
Unknown	Atlast Business	0 ~ 1.5.8.5	-
Unknown	Bazaar Lite	0 ~ 1.8.6	-
Unknown	Brain Power	0 ~ 1.2	-
Unknown	BunnyPressLite	0 ~ 2.1	-
Unknown	Cafe Bistro	0 ~ 1.1.4	-
Unknown	College	0 ~ 1.5.1	-
Unknown	Connections Reloaded	0 ~ 3.1	-
Unknown	Counterpoint	0 ~ 1.8.1	-
Unknown	Digitally	0 ~ 1.0.8	-
Unknown	Directory	0 ~ 3.0.2	-
Unknown	Drop	0 ~ 1.22	-
Unknown	Everse	0 ~ 1.2.4	-
Unknown	Fashionable Store	0 ~ 1.3.4	-
Unknown	Fullbase	0 ~ 1.2.1	-
Unknown	Ilex	0 ~ 1.4.2	-
Unknown	Js O3 Lite	0 ~ 1.5.8.2	-
Unknown	Js Paper	0 ~ 2.5.7	-
Unknown	Kata	0 ~ 1.2.9	-
Unknown	Kata App	0 ~ 1.0.5	-
Unknown	Kata Business	0 ~ 1.0.2	-
Unknown	Looki Lite	0 ~ 1.3.0	-
Unknown	moseter	0 ~ 1.3.1	-
Unknown	Nokke	0 ~ 1.2.4	-
Unknown	Nothing Personal	0 ~ 1.0.7	-
Unknown	Offset Writing	0 ~ 1.2	-
Unknown	Opor Ayam	0 ~ 1.8	-
Unknown	Pinzolo	0 ~ 1.2.10	-
Unknown	Plato	0 ~ 1.1.9	-
Unknown	Polka Dots	0 ~ 1.2	-
Unknown	Purity Of Soul	0 ~ 1.9	-
Unknown	Restaurant PT	0 ~ 1.1.3	-
Unknown	Saul	0 ~ 1.1.0	-
Unknown	Sean Lite	0 ~ 1.4.6	-
Unknown	Tantyyellow	0 ~ 1.0.0.5	-
Unknown	TIJAJI	0 ~ 1.43	-
Unknown	Tiki Time	0 ~ 1.3	-
Unknown	Tuaug4	0 ~ 1.4	-
Unknown	Tydskrif	0 ~ 1.1.3	-
Unknown	UltraLight	0 ~ 1.2	-
Unknown	Venice Lite	0 ~ 1.5.5	-
Unknown	Viala	0 ~ 1.3.1	-
Unknown	viburno	0 ~ 1.3.2	-
Unknown	Wedding Bride	0 ~ 1.0.2	-
Unknown	Wlow	0 ~ 1.2.7	-

二、漏洞 CVE-2023-2813 的公开POC

#	POC 描述	源链接	神龙链接
1	All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before 1.8.6, Brain Power WordPress theme through 1.2, BunnyPressLite WordPress theme before 2.1, Cafe Bistro WordPress theme before 1.1.4, College WordPress theme before 1.5.1, Connections Reloaded WordPress theme through 3.1, Counterpoint WordPress theme through 1.8.1, Digitally WordPress theme through 1.0.8, Directory WordPress theme before 3.0.2, Drop WordPress theme before 1.22, Everse WordPress theme before 1.2.4, Fashionable Store WordPress theme through 1.3.4, Fullbase WordPress theme before 1.2.1, Ilex WordPress theme before 1.4.2, Js O3 Lite WordPress theme through 1.5.8.2, Js Paper WordPress theme through 2.5.7, Kata WordPress theme before 1.2.9, Kata App WordPress theme through 1.0.5, Kata Business WordPress theme through 1.0.2, Looki Lite WordPress theme before 1.3.0, moseter WordPress theme through 1.3.1, Nokke WordPress theme before 1.2.4, Nothing Personal WordPress theme through 1.0.7, Offset Writing WordPress theme through 1.2, Opor Ayam WordPress theme through 18, Pinzolo WordPress theme before 1.2.10, Plato WordPress theme before 1.1.9, Polka Dots WordPress theme through 1.2, Purity Of Soul WordPress theme through 1.9, Restaurant PT WordPress theme before 1.1.3, Saul WordPress theme before 1.1.0, Sean Lite WordPress theme before 1.4.6, Tantyyellow WordPress theme through 1.0.0.5, TIJAJI WordPress theme through 1.43, Tiki Time WordPress theme through 1.3, Tuaug4 WordPress theme through 1.4, Tydskrif WordPress theme through 1.1.3, UltraLight WordPress theme through 1.2, Venice Lite WordPress theme before 1.5.5, Viala WordPress theme through 1.3.1, viburno WordPress theme before 1.3.2, Wedding Bride WordPress theme before 1.0.2, Wlow WordPress theme before 1.2.7 suffer from the same issue about the search box reflecting the results causing XSS which allows an unauthenticated attacker to exploit against users if they click a malicious link.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-2813.yaml	POC详情

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2023-2813 的情报信息

Please 登录 to view more intelligence information

https://wpscan.com/vulnerability/f434afd3-7de4-4bf4-a9bb-9f9aeaae1dc5exploitvdb-entrytechnical-description
https://nvd.nist.gov/vuln/detail/CVE-2023-2813

四、漏洞 CVE-2023-2813 的评论

暂无评论

支持本站 — 捐款将帮助我们持续运营

一、漏洞 CVE-2023-2813 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2023-2813 的公开POC

三、漏洞 CVE-2023-2813 的情报信息

四、漏洞 CVE-2023-2813 的评论

发表评论

支持本站 — 捐款将帮助我们持续运营

一、 漏洞 CVE-2023-2813 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2023-2813 的公开POC

三、漏洞 CVE-2023-2813 的情报信息

四、漏洞 CVE-2023-2813 的评论

发表评论

一、漏洞 CVE-2023-2813 基础信息