CVE-2023-29385

7.1 HIGH

📋 TL;DR

Unauthenticated attackers can inject malicious scripts via the WP Abstracts plugin in WordPress, which are then reflected back and executed in victims' browsers. This affects all WordPress sites running WP Abstracts plugin version 2.6.2 or earlier.

💻 Affected Systems

Products:
  • WordPress WP Abstracts (Manuscripts Manager) plugin
Versions: <= 2.6.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations with vulnerable plugin versions are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers steal administrator session cookies, take over WordPress sites, install backdoors, or redirect visitors to malicious sites.

🟠 Likely Case: Attackers steal user session cookies, perform actions as logged-in users, or deface websites.

🟢 If Mitigated: Limited impact with proper Content Security Policy (CSP) headers and input validation in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Reflected XSS vulnerabilities are commonly exploited and require minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.6.3 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/wp-abstracts-manuscripts-manager/wordpress-wp-abstracts-plugin-2-6-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the 'WP Abstracts' plugin.
4. Click 'Update Now' if available.
5. If no update appears, manually download version 2.6.3+ from the WordPress repository and replace the plugin files.

🔧 Temporary Workarounds

Disable WP Abstracts Plugin (applies to: all)

Temporarily deactivate the vulnerable plugin until patched:

wp plugin deactivate wp-abstracts-manuscripts-manager

Implement Content Security Policy (applies to: all)

Add CSP headers to restrict script execution sources. Note that WordPress core and many plugins rely on inline scripts, so a policy this strict can break the admin interface; roll it out as Content-Security-Policy-Report-Only first and check the reports before enforcing it.

Add to .htaccess (requires mod_headers): Header set Content-Security-Policy "default-src 'self'; script-src 'self'"
Add to nginx config: add_header Content-Security-Policy "default-src 'self'; script-src 'self'";

🧯 If You Can't Patch

  • Implement Web Application Firewall (WAF) rules to block XSS payloads in request parameters.
  • Restrict plugin access to trusted IP addresses only using .htaccess or server configuration.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for WP Abstracts version number. If version is 2.6.2 or lower, you are vulnerable.

Check Version:

wp plugin get wp-abstracts-manuscripts-manager --field=version

Verify Fix Applied:

After updating, verify plugin version shows 2.6.3 or higher in WordPress admin panel.
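The version check above is easy to get wrong with a plain string comparison ("2.6.10" sorts before "2.6.2" as text). The following script is an added example, not part of the original advisory: it parses the version reported by WP-CLI into numeric components and compares it against the first fixed release, 2.6.3. The plugin slug is the one used on this page; the helper names are my own.

```python
import re
import subprocess

PLUGIN_SLUG = "wp-abstracts-manuscripts-manager"  # slug as used on this page
FIXED_IN = "2.6.3"  # first fixed version per the advisory


def parse_version(version: str) -> tuple:
    """Turn '2.6.2' into (2, 6, 2) so comparisons are numeric, not lexical.

    Non-numeric suffixes such as '-beta' are dropped; a component with no
    leading digits counts as 0.
    """
    parts = []
    for piece in version.strip().split("."):
        match = re.match(r"\d+", piece)
        parts.append(int(match.group()) if match else 0)
    return tuple(parts)


def is_vulnerable(installed: str, fixed: str = FIXED_IN) -> bool:
    """True when the installed version is older than the fixed release."""
    return parse_version(installed) < parse_version(fixed)


def installed_version(slug: str = PLUGIN_SLUG) -> str:
    """Ask WP-CLI for the installed plugin version (the command shown above).

    Raises if wp is not on PATH or the plugin is not installed.
    """
    result = subprocess.run(
        ["wp", "plugin", "get", slug, "--field=version"],
        capture_output=True, text=True, check=True,
    )
    return result.stdout.strip()


if __name__ == "__main__":
    version = installed_version()
    status = "VULNERABLE" if is_vulnerable(version) else "patched"
    print(f"{PLUGIN_SLUG} {version}: {status}")
```

Run it from the WordPress root as the same user that owns the site files so WP-CLI can load the installation. Tuple comparison also treats a two-component version such as "2.6" as older than 2.6.3, which matches the advisory's "2.6.2 or lower" range.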

📡 Detection & Monitoring

Log Indicators:

  • Unusual GET/POST requests containing script tags or JavaScript code in parameters
  • Multiple 404 errors for plugin-specific endpoints with suspicious parameters

Network Indicators:

  • HTTP requests with script tags in query strings or POST data to wp-abstracts endpoints
  • Unexpected redirects to external domains from plugin pages

SIEM Query:

source="web_logs" AND (uri="*wp-abstracts*" AND (query="*<script>*" OR query="*javascript:*" OR query="*onload=*"))
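The SIEM query above only matches markers that appear literally in the logged query string; reflected XSS payloads are usually URL-encoded, so `%3Cscript%3E` would slip past it. The following log scanner is an added example, not part of the original advisory or the plugin: it applies the same three markers to access-log lines after URL-decoding the query string (twice, to catch double encoding) and restricting to requests whose path mentions wp-abstracts. The log lines are constructed samples in Apache combined format, and the endpoint file name in them is a hypothetical placeholder, not a real plugin path.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Constructed sample access-log lines (Apache combined format); not real traffic.
# "example.php" is a placeholder endpoint name, not an actual plugin file.
SAMPLE_LOG = """\
203.0.113.10 - - [10/May/2023:12:00:01 +0000] "GET /wp-content/plugins/wp-abstracts-manuscripts-manager/example.php?id=7 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.11 - - [10/May/2023:12:00:05 +0000] "GET /wp-content/plugins/wp-abstracts-manuscripts-manager/example.php?id=%3Cscript%3Ex%3C%2Fscript%3E HTTP/1.1" 200 5300 "-" "curl/8.0"
203.0.113.12 - - [10/May/2023:12:00:09 +0000] "GET /?s=%3Cscript%3E HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
203.0.113.13 - - [10/May/2023:12:00:12 +0000] "GET /wp-content/plugins/wp-abstracts-manuscripts-manager/example.php?title=x%22%20onload%3Dy HTTP/1.1" 404 300 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, method, request target and status from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Same markers as the SIEM query on this page, matched case-insensitively.
MARKERS = ("<script", "javascript:", "onload=")


def scan_line(line: str):
    """Return a finding dict for a suspicious wp-abstracts request, else None."""
    match = LOG_RE.match(line)
    if not match:
        return None  # not a combined-format line; skip rather than crash
    parts = urlsplit(match.group("target"))
    if "wp-abstracts" not in parts.path:
        return None  # scope to the plugin's endpoints, as the SIEM query does
    decoded = parts.query
    for _ in range(2):  # decode twice so double-encoded payloads still surface
        decoded = unquote_plus(decoded)
    decoded = decoded.lower()
    hits = [marker for marker in MARKERS if marker in decoded]
    if not hits:
        return None
    return {
        "ip": match.group("ip"),
        "time": match.group("ts"),
        "status": int(match.group("status")),
        "markers": hits,
        "query": decoded,
    }


def scan_log(text: str) -> list:
    """Scan a whole log file's contents and return all findings in order."""
    return [f for f in (scan_line(line) for line in text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

Access logs only record the request line, so this covers the GET query string; POST bodies mentioned in the log indicators above are not visible here and need a WAF or application-level log. The path filter also means a hit with a 404 status (the fourth sample line) still counts, matching the "404 errors with suspicious parameters" indicator.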
