CVE-2023-5307 (GCVE-0-2023-5307)
Vulnerability from cvelistv5 – Published: 2023-10-31 13:54 – Updated: 2025-04-22 20:03
VLAI?
Title
Photos and Files Contest Gallery – Contact Form < 21.2.8.1 - Unauthenticated Stored XSS via HTTP Headers
Summary
The Photos and Files Contest Gallery WordPress plugin before 21.2.8.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks via certain headers.
Severity ?
6.1 (Medium)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Photos and Files Contest Gallery |
Affected:
0 , < 21.2.8.1
(custom)
|
Credits
Dmitrii Ignatyev
WPScan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/6fac1e09-21ab-430d-b56d-195e7238c08c"
},
{
"tags": [
"x_transferred"
],
"url": "https://research.cleantalk.org/cve-2023-5307-photos-and-files-contest-gallery-contact-form-21-2-8-1-unauthenticated-stored-xss-via-http-headers"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5307",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T20:03:24.614663Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T20:03:31.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "Photos and Files Contest Gallery",
"vendor": "Unknown",
"versions": [
{
"lessThan": "21.2.8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Photos and Files Contest Gallery WordPress plugin before 21.2.8.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks via certain headers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T13:54:43.166Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/6fac1e09-21ab-430d-b56d-195e7238c08c"
},
{
"url": "https://research.cleantalk.org/cve-2023-5307-photos-and-files-contest-gallery-contact-form-21-2-8-1-unauthenticated-stored-xss-via-http-headers"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Photos and Files Contest Gallery \u2013 Contact Form \u003c 21.2.8.1 - Unauthenticated Stored XSS via HTTP Headers",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2023-5307",
"datePublished": "2023-10-31T13:54:43.166Z",
"dateReserved": "2023-09-29T16:46:14.641Z",
"dateUpdated": "2025-04-22T20:03:31.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:contest-gallery:contest_gallery:*:*:*:*:*:wordpress:*:*\", \"versionEndExcluding\": \"21.2.8.1\", \"matchCriteriaId\": \"ED3B8B77-3C6F-42E7-B14A-E6D47C0E4F5F\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The Photos and Files Contest Gallery WordPress plugin before 21.2.8.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks via certain headers.\"}, {\"lang\": \"es\", \"value\": \"El complemento Photos and Files Contest Gallery de WordPress anterior a 21.2.8.1 no sanitiza ni escapa a algunos par\\u00e1metros, lo que podr\\u00eda permitir a usuarios no autenticados realizar ataques de Cross-Site Scripting a trav\\u00e9s de ciertos encabezados.\"}]",
"id": "CVE-2023-5307",
"lastModified": "2024-11-21T08:41:29.873",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}",
"published": "2023-10-31T14:15:12.713",
"references": "[{\"url\": \"https://research.cleantalk.org/cve-2023-5307-photos-and-files-contest-gallery-contact-form-21-2-8-1-unauthenticated-stored-xss-via-http-headers\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/6fac1e09-21ab-430d-b56d-195e7238c08c\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://research.cleantalk.org/cve-2023-5307-photos-and-files-contest-gallery-contact-form-21-2-8-1-unauthenticated-stored-xss-via-http-headers\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/6fac1e09-21ab-430d-b56d-195e7238c08c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "contact@wpscan.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-5307\",\"sourceIdentifier\":\"contact@wpscan.com\",\"published\":\"2023-10-31T14:15:12.713\",\"lastModified\":\"2025-04-22T20:15:27.617\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Photos and Files Contest Gallery WordPress plugin before 21.2.8.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks via certain headers.\"},{\"lang\":\"es\",\"value\":\"El complemento Photos and Files Contest Gallery de WordPress anterior a 21.2.8.1 no sanitiza ni escapa a algunos par\u00e1metros, lo que podr\u00eda permitir a usuarios no autenticados realizar ataques de Cross-Site Scripting a trav\u00e9s de ciertos encabezados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:contest-gallery:contest_gallery:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"21.2.8.1\",\"matchCriteriaId\":\"ED3B8B77-3C6F-42E7-B14A-E6D47C0E4F5F\"}]}]}],\"references\":[{\"url\":\"https://research.cleantalk.org/cve-2023-5307-photos-and-files-contest-gallery-contact-form-21-2-8-1-unauthenticated-stored-xss-via-http-headers\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/6fac1e09-21ab-430d-b56d-195e7238c08c\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://research.cleantalk.org/cve-2023-5307-photos-and-files-contest-gallery-contact-form-21-2-8-1-unauthenticated-stored-xss-via-http-headers\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/6fac1e09-21ab-430d-b56d-195e7238c08c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://wpscan.com/vulnerability/6fac1e09-21ab-430d-b56d-195e7238c08c\", \"tags\": [\"exploit\", \"vdb-entry\", \"technical-description\", \"x_transferred\"]}, {\"url\": \"https://research.cleantalk.org/cve-2023-5307-photos-and-files-contest-gallery-contact-form-21-2-8-1-unauthenticated-stored-xss-via-http-headers\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T07:52:08.569Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-5307\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-22T20:03:24.614663Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-22T19:58:02.614Z\"}}], \"cna\": {\"title\": \"Photos and Files Contest Gallery \\u2013 Contact Form \u003c 21.2.8.1 - Unauthenticated Stored XSS via HTTP Headers\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Dmitrii Ignatyev\"}, {\"lang\": \"en\", \"type\": \"coordinator\", \"value\": \"WPScan\"}], \"affected\": [{\"vendor\": \"Unknown\", \"product\": \"Photos and Files Contest Gallery\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"21.2.8.1\", \"versionType\": \"custom\"}], \"collectionURL\": \"https://wordpress.org/plugins\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://wpscan.com/vulnerability/6fac1e09-21ab-430d-b56d-195e7238c08c\", \"tags\": [\"exploit\", \"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://research.cleantalk.org/cve-2023-5307-photos-and-files-contest-gallery-contact-form-21-2-8-1-unauthenticated-stored-xss-via-http-headers\"}], \"x_generator\": {\"engine\": \"WPScan CVE Generator\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Photos and Files Contest Gallery WordPress plugin before 21.2.8.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks via certain headers.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-79 Cross-Site Scripting (XSS)\"}]}], \"providerMetadata\": {\"orgId\": \"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81\", \"shortName\": \"WPScan\", \"dateUpdated\": \"2023-10-31T13:54:43.166Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-5307\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-22T20:03:31.145Z\", \"dateReserved\": \"2023-09-29T16:46:14.641Z\", \"assignerOrgId\": \"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81\", \"datePublished\": \"2023-10-31T13:54:43.166Z\", \"assignerShortName\": \"WPScan\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…