{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-30T13:35:04.272","vulnerabilities":[{"cve":{"id":"CVE-2023-48285","sourceIdentifier":"audit@patchstack.com","published":"2024-06-04T11:15:48.580","lastModified":"2026-06-17T06:33:55.620","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Tips and Tricks HQ Stripe Payments allows Code Injection.This issue affects Stripe Payments: from n/a through 2.0.79."},{"lang":"es","value":"Neutralización inadecuada de etiquetas HTML relacionadas con scripts en una vulnerabilidad de página web (XSS básico) en Tips and Tricks HQ Stripe Payments permite la inyección de código. Este problema afecta a Stripe Payments: desde n/a hasta 2.0.79."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Tips and Tricks HQ","product":"Stripe Payments","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"stripe-payments","versions":[{"version":"n/a","lessThanOrEqual":"2.0.79","versionType":"custom","status":"affected","changes":[{"at":"2.0.80","status":"unaffected"}]}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tipsandtricks-hq","product":"accept_stripe","defaultStatus":"unknown","cpes":["cpe:2.3:a:tipsandtricks-hq:accept_stripe:*:*:*:*:*:wordpress:*:*"],"versions":[{"version":"0","lessThanOrEqual":"2.0.79","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-04T20:34:06.403529Z","id":"CVE-2023-48285","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-80"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/stripe-payments/wordpress-accept-stripe-payments-plugin-2-0-79-content-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"},{"url":"https://patchstack.com/database/vulnerability/stripe-payments/wordpress-accept-stripe-payments-plugin-2-0-79-content-injection-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}