CVE-2023-51399

MEDIUM WAF: High

CVSS 5.4 Published: 2023-12-29

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3.

WAF Coverage Analysis

Cross-Site Scripting (XSS) High WAF Coverage

OWASP: A03:2021 Injection

941xxx - XSS / XXE

Affected Software

Vendor	Product	Version
wpfactory	back_button_widget	up to 1.6.3

References

patchstack.com (Third Party Advisory)

Back to CVE Database