CVE-2023-0334
Published: 27 February 2023
Summary
CVE-2023-0334 is a medium-severity vulnerability of unspecified weakness type (no CWE assigned on this record) in ShortPixel Adaptive Images by ShortPixel. Its CVSS base score is 6.1 (Medium).
Operationally, it ranks in the top 7.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
The ShortPixel Adaptive Images WordPress plugin before version 3.6.3 contains a reflected cross-site scripting vulnerability. The flaw arises because the plugin fails to sanitize and escape a request parameter before reflecting it back into page output, allowing script injection that targets high-privilege users such as administrators. The issue carries a CVSS 3.1 score of 6.1, with a network attack vector and required user interaction.
An unauthenticated attacker can exploit the vulnerability by delivering a crafted URL to an administrator or other privileged user. If the victim interacts with the link, the attacker can execute arbitrary JavaScript in the victim's browser session, enabling actions such as session hijacking or unauthorized administrative changes within the WordPress site.
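To make the defect class concrete, the following is an added example and not ShortPixel's code: it shows the reflected-output pattern described above beside the hardened form WordPress plugins are expected to use (sanitize on input with `sanitize_text_field()`, escape on output with `esc_html()` / `esc_attr()` for the exact HTML context). The parameter name `sp_param` is hypothetical, since the advisory does not name the real one, and the stand-in definitions of the WordPress core functions are simplified so the file runs outside WordPress; inside WordPress the real functions are used and the stand-ins are skipped.

```php
<?php
// Added example, not the plugin's code. Demonstrates reflected XSS (unsanitized,
// unescaped echo of a request parameter) and the hardened equivalent.
// 'sp_param' is a hypothetical parameter name.

// Simplified stand-ins so this file runs outside WordPress. In WordPress these
// functions already exist and are used instead (the real sanitize_text_field()
// also strips script/style contents, not only the tags).
if (!function_exists('esc_html')) {
    function esc_html($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    }
}
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    }
}
if (!function_exists('sanitize_text_field')) {
    function sanitize_text_field($str) {
        $str = strip_tags((string) $str);               // remove HTML tags
        $str = preg_replace('/[\r\n\t ]+/', ' ', $str); // collapse whitespace
        return trim($str);
    }
}
if (!function_exists('wp_unslash')) {
    function wp_unslash($value) {
        return stripslashes((string) $value);
    }
}

// Vulnerable pattern: the raw request value is concatenated straight into markup,
// so any markup in the parameter becomes part of the page.
function render_notice_vulnerable(array $get): string {
    $value = $get['sp_param'] ?? '';
    return '<div class="notice">Value: ' . $value . '</div>';
}

// Hardened pattern: normalise and sanitize the input once, then escape for each
// output context separately (attribute vs. element text).
function render_notice_hardened(array $get): string {
    $value = sanitize_text_field(wp_unslash($get['sp_param'] ?? ''));
    return '<div class="notice" data-value="' . esc_attr($value) . '">Value: '
        . esc_html($value) . '</div>';
}

// Constructed sample input: a generic tag-injection string of the kind this
// bug class reflects. Not taken from the advisory.
$sample = ['sp_param' => '"><script>alert(1)</script>'];

echo render_notice_vulnerable($sample), PHP_EOL; // markup is reflected unchanged
echo render_notice_hardened($sample), PHP_EOL;   // rendered as inert text
```

The point to check in review is the second function: the same untrusted value is escaped once for the attribute context and once for the text context, because a single generic "sanitize" step on input is not a substitute for output escaping, and escaping chosen for one context does not protect another.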
The associated EPSS probability rose from lower values to a recorded peak of 0.2661 before receding to the current score of 0.0813, indicating a period of elevated exploitation interest after public disclosure. The primary reference is the WPScan advisory that documents the reflected XSS condition and the affected plugin versions.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-12395
Vulnerability details
The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.