[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwRJF1FpjvvQEwb2wImBcOuH_35ohHDyKjYiZUIuHdJU":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2023-48285","accept-stripe-payments-unauthenticated-content-injection","Accept Stripe Payments \u003C= 2.0.79 - Unauthenticated Content Injection","The Accept Stripe Payments plugin for WordPress is vulnerable to Content Injection in all versions up to, and including, 2.0.79. This is due to payment data not properly being sanitized in the get_billing_details() function. This makes it possible for unauthenticated attackers to inject arbitrary content into pages.","stripe-payments",null,"\u003C=2.0.79","2.0.80","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')","2023-11-23 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2f499d5e-eb27-4611-af27-ac9fd6a9f044?source=api-prod",61]