CVE-2023-1069
Complianz - GDPR/CCPA Cookie Consent < 6.4.2 - Contributor+ Stored XSS
The Complianz WordPress plugin before 6.4.2, Complianz Premium WordPress plugin before 6.4.2 do not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
We have discovered 37,802 live websites that are affected by CVE-2023-1069.
Affected Software
| Product |  Complianz |
| Category | Cookie compliance |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 133 |
| Vulnerable Domains | 37,802 live websites (12.10% of Complianz install base) |
Common Weakness Enumeration
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-1069 and the relative popularity of websitesDetails
- Published - Mar 27, 2023
- Updated - Mar 27, 2023
Credits
- Erwan LR (WPScan) (finder)
- WPScan (coordinator)
CWE
CVE References
CWE References
Countries
 United States | 1,712 websites |
 Germany | 12,674 websites |
 Italy | 4,300 websites |
 France | 4,036 websites |
 Spain | 4,027 websites |
 Czech Republic | 1,791 websites |
 Netherlands | 1,184 websites |
 Austria | 1,157 websites |
 GB | 919 websites |
 Slovakia | 826 websites |
TLDs
| .de | 9,958 websites |
| .com | 9,533 websites |
| .it | 2,932 websites |
| .fr | 1,915 websites |
| .cz | 1,605 websites |
| .es | 1,524 websites |
| .at | 1,003 websites |
| .nl | 995 websites |
| .org | 791 websites |
| .eu | 618 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2023-1069 through included software libraries and plugins.Websites affected by CVE-2023-1069
Top websites that are affected by CVE-2023-1069. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *********.com | United States | *,*** | |
| ***********.it | Italy | **,*** | |
| *****.com | United States | **,*** | |
| ***.******.com | GB | **,*** | |
| ***.******.nl | Netherlands | **,*** | |
| ******.**********.fr | France | **,*** | |
| ************.com | France | **,*** | |
| ***.********.com | Germany | **,*** | |
| ***********.com | France | **,*** | |
| ************.com | United States | **,*** |