{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T10:08:18.857","vulnerabilities":[{"cve":{"id":"CVE-2023-48317","sourceIdentifier":"audit@patchstack.com","published":"2023-11-30T17:15:11.860","lastModified":"2026-04-28T19:22:10.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vikas Vatsa Display Custom Post allows Stored XSS.This issue affects Display Custom Post: from n/a through 2.2.1."},{"lang":"es","value":"Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('Scripting entre sitios') en Vikas Vatsa Display Custom Post permite almacenar XSS. Este problema afecta Display Custom Post: desde n/a hasta 2.2.1."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vikasvatsa:display_custom_post:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"2.2.1","matchCriteriaId":"3E7DD09D-A38A-40EA-A8E0-5CE123DE003C"}]}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/display-custom-post/wordpress-display-custom-post-plugin-2-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com","tags":["Third Party Advisory"]},{"url":"https://patchstack.com/database/vulnerability/display-custom-post/wordpress-display-custom-post-plugin-2-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}