Login Sign Up

CVE-2023-46622

7.1 HIGH
Cross-Site Scripting

📋 TL;DR

This vulnerability allows unauthenticated attackers to inject malicious scripts into web pages via the WPPizza WordPress plugin. When users visit a specially crafted URL, the script executes in their browser, potentially stealing session cookies or performing actions on their behalf. WordPress sites using WPPizza plugin versions 3.18.2 and earlier are affected.

💻 Affected Systems

Products:
  • WPPizza - A Restaurant Plugin for WordPress
Versions: <= 3.18.2
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations using vulnerable WPPizza plugin versions are affected regardless of configuration.

📦 What is this software?

Wppizza by Wp Pizza

View all CVEs affecting Wppizza →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers steal administrator session cookies, gain full control of the WordPress site, install backdoors, deface the site, or steal sensitive customer data.

🟠

Likely Case

Attackers steal user session cookies, perform actions as authenticated users, redirect users to malicious sites, or display phishing content.

🟢

If Mitigated

With proper input validation and output encoding, malicious scripts are neutralized before reaching users' browsers.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Reflected XSS vulnerabilities are commonly exploited and require minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.18.3 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/wppizza/wordpress-wppizza-plugin-3-18-2-reflected-cross-site-scripting-xss-vulnerability

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find WPPizza plugin. 4. Click 'Update Now' if available. 5. Alternatively, download latest version from WordPress repository and manually update.

🔧 Temporary Workarounds

Disable WPPizza Plugin

all

Temporarily disable the vulnerable plugin until patched.

wp plugin deactivate wppizza

Implement WAF Rules

all

Configure web application firewall to block XSS payloads targeting WPPizza endpoints.

🧯 If You Can't Patch

  • Implement Content Security Policy (CSP) headers to restrict script execution
  • Use browser security features like HttpOnly and Secure flags for cookies

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for WPPizza version 3.18.2 or earlier.

Check Version:

wp plugin get wppizza --field=version

Verify Fix Applied:

Verify WPPizza plugin version is 3.18.3 or later in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual GET/POST requests containing script tags or JavaScript payloads to WPPizza endpoints
  • Multiple failed login attempts following suspicious URL visits

Network Indicators:

  • HTTP requests with suspicious parameters containing <script>, javascript:, or encoded payloads

SIEM Query:

source="web_server_logs" AND (uri_path="*wppizza*" AND (query="*<script>*" OR query="*javascript:*" OR query="*%3Cscript%3E*"))

📊 Metadata

CVE ID: CVE-2023-46622
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
CWE: CWE-79
Published: October 31, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-46622, you might also want to check these:

CVE-2021-39199 10.0

CVE-2021-39199 is a critical cross-site scripting (XSS) vulnerability in the remark-html Node.js lib...

Same vulnerability type (CWE-79)
CVE-2021-32671 10.0

This vulnerability in Flarum forum software allows attackers to inject malicious HTML/JavaScript int...

Same vulnerability type (CWE-79)
CVE-2021-32798 10.0

CVE-2021-32798 is a critical vulnerability in Jupyter Notebook that allows malicious notebook files ...

Same vulnerability type (CWE-79)