Vulnerability Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through <= 1.1.4; Fascinate: from n/a through 1.0.8; Cream Blog: from n/a through 2.1.3; Cream Magazine: from n/a through 2.1.4.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://patchstack.com/database/vulnerability/cream-blog/wordpress-cream-blog-th
- https://patchstack.com/database/vulnerability/cream-magazine/wordpress-cream-mag
- https://patchstack.com/database/vulnerability/fascinate/wordpress-fascinate-them
- https://patchstack.com/database/vulnerability/glaze-blog-lite/wordpress-glaze-bl
- https://patchstack.com/database/vulnerability/cream-blog/wordpress-cream-blog-th
- https://patchstack.com/database/vulnerability/cream-magazine/wordpress-cream-mag
- https://patchstack.com/database/vulnerability/fascinate/wordpress-fascinate-them
- https://patchstack.com/database/vulnerability/glaze-blog-lite/wordpress-glaze-bl
FAQ
What is CVE-2023-28687?
CVE-2023-28687 is a vulnerability with a CVSS score of 7.1 (HIGH). Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazi...
How severe is CVE-2023-28687?
CVE-2023-28687 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-28687?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.