🔐 CVE Alert

CVE-2023-46640

MEDIUM 5.4

WordPress Medialist Plugin <= 1.3.9 is vulnerable to Cross Site Scripting (XSS)

CVSS Score
5.4
EPSS Score
0.0%
EPSS Percentile
0th

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in D. Relton Medialist plugin <= 1.3.9 versions.

CWE CWE-79
Vendor d. relton
Product medialist
Published Nov 8, 2023
Last Updated Apr 28, 2026
Stay Ahead of the Next One

Get instant alerts for d. relton medialist

Be the first to know when new medium vulnerabilities affecting d. relton medialist are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

D. Relton / Medialist
n/a ≤ 1.3.9

References

NVD ↗ CVE.org ↗ EPSS Data ↗
patchstack.com: https://patchstack.com/database/vulnerability/media-list/wordpress-medialist-plugin-1-3-9-cross-site-scripting-xss-vulnerability?_s_id=cve

Credits

Tien from VNPT-VCI (Patchstack Alliance)