CVE-2023-0082
ExactMetrics < 7.12.1 - Contributor+ Stored XSS
The ExactMetrics WordPress plugin before 7.12.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
We have discovered 80,290 live websites that are affected by CVE-2023-0082.
Affected Software
| Product |  ExactMetrics |
| Category | Analytics |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 86 |
| Vulnerable Domains | 80,290 live websites (32.00% of ExactMetrics install base) |
Common Weakness Enumeration
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-0082 and the relative popularity of websitesDetails
- Published - Feb 6, 2023
Credits
- Lana Codes (finder)
- WPScan (coordinator)
CWE
CVE References
CWE References
Countries
 United States | 22,266 websites |
 France | 7,260 websites |
 Germany | 5,031 websites |
 GB | 4,311 websites |
 Italy | 4,203 websites |
 Netherlands | 3,662 websites |
 Japan | 3,404 websites |
 Brazil | 2,592 websites |
 Spain | 2,550 websites |
 Poland | 2,004 websites |
TLDs
| .com | 35,493 websites |
| .org | 3,396 websites |
| .fr | 3,272 websites |
| .nl | 3,011 websites |
| .it | 2,757 websites |
| .de | 2,704 websites |
| .co.uk | 2,576 websites |
| .com.br | 2,230 websites |
| .net | 1,886 websites |
| .pl | 1,513 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2023-0082 through included software libraries and plugins.Websites affected by CVE-2023-0082
Top websites that are affected by CVE-2023-0082. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *********.com | United States | *,*** | |
| *********.com | United States | *,*** | |
| *********.com | United States | *,*** | |
| *********.com | United States | *,*** | |
| **********.com | United States | *,*** | |
| *****************.****************.com | United States | *,*** | |
| *********.com | United States | *,*** | |
| *********.com | United States | *,*** | |
| *****************.*********.com | United States | *,*** | |
| ***.***************.com |  South Africa | *,*** |