How severe is CVE-2023-4423?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.8 out of 10.

What type of vulnerability is CVE-2023-4423?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2023-4423

MEDIUM Year: 2023

CVSS v3 Score

4.8

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 3.1.37.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

CVE-2016-5541

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI). Supported versions that are affected are 7.2.26 and earlier, 7.3.14 and earlier and 7.4.12 and earlier. Di...

NVD-CWE-Other2016

CVE-2017-10063

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Diff...

NVD-CWE-Other2017

CVE-2017-10149

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform). Supported versions that are affected are 9.13, 9.14, 10.1, 10.2, 15.1, 15.2, 16.1 and 16.2...

NVD-CWE-Other2017

CVE-2017-10161

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite (subcomponent: Web Services Security). Supported versions that are affected are 6.1.3.0 and 6.2....

NVD-CWE-Other2017

CVE-2017-10386

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.7. Easily exploi...

NVD-CWE-Other2017

CVE-2018-2599

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embed...

NVD-CWE-Other2018

CVE-2023-4423

Vulnerability Description

Related Vulnerabilities

CVE-2016-5541

CVE-2017-10063

CVE-2017-10149

CVE-2017-10161

CVE-2017-10386

CVE-2018-2599