cleantalk
Vulnerabilities and Security Researches

Seraphinite Accelerator, CVE-2023-5609

CVE, Research URL

CVE-2023-5609

Home page URL

Security reports for Seraphinite Accelerator

Application

Seraphinite Accelerator

Published on
Nov 21, 2023
Research Description
The Seraphinite Accelerator WordPress plugin before 2.2.29 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Affected versions
max 2.20.29.
Status
vulnerable
Previous vulnerability researches
Seraphinite Accelerator (CVE-2024-54222) , Dec 23, 2024
Seraphinite Accelerator (CVE-2023-5610) , Jun 07, 2024
Seraphinite Accelerator (CVE-2023-5609) , Jun 07, 2024
Seraphinite Accelerator (CVE-2024-1568) , Jun 07, 2024
Seraphinite Accelerator (CVE-2023-49740) , Jun 07, 2024
New vulnerability
EmailKit -WooCommerce Email Customizer (CVE-2026-1925) , Apr 15, 2026
Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce (CVE-2026-1651) , Apr 15, 2026
Contact Form builder with drag & drop for WordPress – Kali Forms (CVE-2026-1860) , Apr 15, 2026
Related Posts by Taxonomy (CVE-2026-0916) , Apr 15, 2026
Ivory Search – WordPress Search Plugin (CVE-2026-1053) , Apr 15, 2026