Approved changes feed: RSS · Atom

cpe:2.3:a:amazonjs_project:amazonjs:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorAmazonjs Project (0826079a-666a-51f5-81ef-af8cdf0f8776)
ProductAmazonjs (7e541db6-4761-510b-89eb-31b0e0ad4df8)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-0075 vulnerable 2026-06-08 05:52:04.231383 Amazon JS <= 0.10 - Contributor+ Stored XSS
The Amazon JS WordPress plugin through 0.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Published: 2023-02-13T14:32:24.576Z
Updated: 2025-03-21T19:39:00.907Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.