CVE-2023-6923

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-6923

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-6923.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-6923

Published

2024-02-29T01:42:49.007Z

Modified

2025-11-15T15:06:54.059134Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

The Matomo Analytics – Ethical Stats. Powerful Insights. plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the idsite parameter in all versions up to, and including, 4.15.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

References

Affected packages

Git / github.com/matomo-org/matomo

Affected ranges

Type: GIT
Repo: https://github.com/matomo-org/matomo
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7454f0e3ae10c8753c73eda1742b7a8a55f8330e

Affected versions

1.*

1.10

1.10.1

1.11

1.11-b1

1.11-b2

1.11-b3

1.11-b4

1.11-b5

1.11-b6

1.11.1

1.12

1.12-b1

1.12-b10

1.12-b11

1.12-b12

1.12-b13

1.12-b14

1.12-b15

1.12-b16

1.12-b17

1.12-b18

1.12-b19

1.12-b2

1.12-b20

1.12-b21

1.12-b22

1.12-b3

1.12-b4

1.12-b5

1.12-b6

1.12-b7

1.12-b9

1.12-rc1

1.6

1.7

1.7.1

1.8

1.8.1

1.8.2

1.8.3

1.8.4

1.9.1

1.9.2

2.*

2.0

2.0-a1

2.0-a10

2.0-a11

2.0-a13

2.0-a14

2.0-a2

2.0-a3

2.0-a4

2.0-a5

2.0-a6

2.0-a8

2.0-a9

2.0-b1

2.0-b10

2.0-b11

2.0-b12

2.0-b2

2.0-b3

2.0-b4

2.0-b5

2.0-b6

2.0-b7

2.0-b8

2.0-b9

2.0-rc1

2.0-rc2

2.0.1

2.0.1-rc1

2.0.1-rc2

2.0.2

2.0.3

2.0.3-b1

2.0.3-b2

2.0.3-b3

2.0.3-b4

2.0.3-b5

2.0.3-b6

2.0.3-b7

2.0.3-rc1

2.0.4-b1

2.0.4-b10

2.0.4-b11

2.0.4-b12

2.0.4-b2

2.0.4-b3

2.0.4-b4

2.0.4-b5

2.0.4-b6

2.0.4-b7

2.0.4-b8

2.0.4-b9

2.1-rc1

2.1-rc2

2.1-rc3

2.1-rc4

2.1-rc6

2.1-rc7

2.1-rc8

2.1.1-b1

2.1.1-b10

2.1.1-b12

2.1.1-b2

2.1.1-b3

2.1.1-b4

2.1.1-b6

2.1.1-b7

2.1.1-b8

2.1.1-b9

2.10.0

2.10.0-b1

2.10.0-b10

2.10.0-b11

2.10.0-b2

2.10.0-b3

2.10.0-b4

2.10.0-b5

2.10.0-b6

2.10.0-b7

2.10.0-b8

2.10.0-b9

2.10.0-rc1

2.10.0-rc2

2.10.0-rc3

2.10.0-rc4

2.11.0

2.11.0-b2

2.11.0-b3

2.11.0-b4

2.11.0-b5

2.11.0-b6

2.11.0-b7

2.11.0-rc1

2.11.1

2.11.1-b1

2.11.1-b2

2.11.1-b3

2.11.1-rc1

2.11.2

2.11.2-b1

2.11.2-b2

2.11.2-b3

2.11.2-rc1

2.12.0

2.12.0-b1

2.12.0-b2

2.12.0-b3

2.12.0-b4

2.12.0-b5

2.12.0-b6

2.12.0-b7

2.12.0-b8

2.12.0-rc1

2.12.0-rc2

2.12.0-rc3

2.12.1

2.12.1-b1

2.12.1-rc1

2.13.0

2.13.0-b1

2.13.0-b2

2.13.0-b3

2.13.0-rc1

2.13.0-rc2

2.13.0-rc3

2.13.1

2.14.0

2.14.0-b1

2.14.0-b10

2.14.0-b2

2.14.0-b3

2.14.0-b4

2.14.0-b5

2.14.0-b6

2.14.0-b7

2.14.0-b8

2.14.0-b9

2.14.0-rc1

2.14.0-rc2

2.14.0-rc3

2.14.0-rc4

2.14.1

2.14.1-b1

2.14.1-b2

2.14.1-rc1

2.14.2

2.14.2-b1

2.14.3

2.14.3-b1

2.15.0

2.15.0-b1

2.15.0-b10

2.15.0-b11

2.15.0-b12

2.15.0-b13

2.15.0-b14

2.15.0-b15

2.15.0-b16

2.15.0-b17

2.15.0-b18

2.15.0-b19

2.15.0-b2

2.15.0-b20

2.15.0-b3

2.15.0-b4

2.15.0-b5

2.15.0-b6

2.15.0-b7

2.15.0-b8

2.15.0-b9

2.15.0-rc1

2.15.0-rc2

2.15.0-rc3

2.15.0-rc4

2.15.0-rc5

2.15.1-b1

2.15.1-b10

2.15.1-b11

2.15.1-b2

2.15.1-b3

2.15.1-b4

2.15.1-b5

2.15.1-b6

2.15.1-b7

2.15.1-b8

2.15.1-b9

2.16.0

2.16.0-b1

2.16.0-b2

2.16.0-b3

2.16.0-b4

2.16.0-b5

2.16.0-b6

2.16.0-rc1

2.16.0-rc2

2.16.0-rc3

2.16.0-rc4

2.16.1

2.16.1-b1

2.16.1-b2

2.16.1-b3

2.16.1-rc1

2.16.1-rc2

2.16.2

2.16.2-b1

2.16.2-b2

2.16.2-b3

2.16.2-b4

2.16.2-b5

2.16.2-b6

2.16.2-rc1

2.16.2-rc2

2.16.3

2.16.3-b2

2.16.3-b3

2.16.3-b4

2.16.3-rc1

2.16.3-rc2

2.16.3-rc3

2.2.0

2.2.0-b13

2.2.0-b14

2.2.0-b15

2.2.0-b16

2.2.0-b17

2.2.0-b18

2.2.0-rc1

2.2.0-rc2

2.2.0-rc3

2.2.0-rc4

2.2.1

2.2.1-b1

2.2.1-b2

2.2.1-b3

2.2.1-b4

2.2.1-rc1

2.2.1-rc2

2.2.1-rc3

2.2.2

2.2.2-b1

2.2.3-b1

2.2.3-b2

2.2.3-b4

2.2.3-b6

2.2.3-b7

2.3.0

2.3.0-rc1

2.3.0-rc2

2.3.0-rc3

2.3.0-rc4

2.4.0

2.4.0-b2

2.4.0-b3

2.4.0-b4

2.4.0-b5

2.4.0-b6

2.4.0-b7

2.4.0-b8

2.4.0-rc1

2.4.1

2.4.1-rc1

2.5.0

2.5.0-b1

2.5.0-b2

2.5.0-b3

2.5.0-rc1

2.5.0-rc2

2.5.0-rc3

2.5.0-rc4

2.5.1-b1

2.6.0

2.6.0-b1

2.6.0-rc1

2.6.0-rc2

2.6.0-rc3

2.6.0-rc4

2.6.1

2.6.1-b1

2.7.0

2.7.0-b1

2.7.0-b3

2.7.0-b4

2.7.0-rc1

2.7.0-rc2

2.8.0

2.8.0-b1

2.8.0-b2

2.8.0-b3

2.8.0-rc1

2.8.0-rc2

2.8.1

2.8.1-b1

2.8.1-b2

2.8.1-rc1

2.8.2

2.8.3

2.9.0

2.9.0-b1

2.9.0-b2

2.9.0-b3

2.9.0-b4

2.9.0-b5

2.9.0-b6

2.9.0-b7

2.9.0-b8

2.9.0-b9

2.9.0-rc1

2.9.0-rc2

2.9.1

2.9.1-b1

2.9.1-b2

3.*

3.0.0

3.0.0-b1

3.0.0-b2

3.0.0-b3

3.0.0-b4

3.0.0-b5

3.0.0-rc1

3.0.0-rc2

3.0.0-rc3

3.0.0-rc4

3.0.1

3.0.1-b1

3.0.1-b2

3.0.1-b3

3.0.2

3.0.2-b1

3.0.2-b2

3.0.2-b3

3.0.2-b4

3.0.2-b5

3.0.2-b6

3.0.2-rc1

3.0.3

3.0.3-b1

3.0.3-b2

3.0.3-rc1

3.0.4

3.0.4-b1

3.0.4-b2

3.0.4-b3

3.0.4-rc1

3.0.4-rc2

3.0.5-b1

3.0.5-b2

3.1.0

3.1.0-rc1

3.1.1

3.1.1-b1

3.1.1-b2

3.1.1-b3

3.1.2-b1

3.1.2-b2

3.10.0

3.10.0-b1

3.10.0-b2

3.10.0-b3

3.10.0-rc1

3.10.0-rc2

3.10.0-rc3

3.10.0-rc4

3.10.0-rc5

3.11.0

3.11.0-b1

3.11.0-b2

3.11.0-rc1

3.11.0-rc2

3.12.0

3.12.0-b1

3.12.0-b2

3.12.0-b3

3.12.0-b4

3.12.0-b5

3.12.0-b6

3.12.0-b7

3.12.0-rc1

3.12.0-rc2

3.12.0-rc3

3.13.0

3.13.0-b1

3.13.0-rc1

3.13.1

3.13.1-b1

3.13.1-b2

3.13.1-rc1

3.13.1-rc2

3.13.2

3.13.2-rc1

3.13.2-rc2

3.13.3

3.13.3-rc1

3.13.4

3.13.4-b1

3.13.4-b2

3.13.4-rc1

3.13.4-rc2

3.13.4-rc3

3.13.5

3.13.5-b1

3.13.5-b2

3.13.5-rc1

3.13.5-rc2

3.13.6

3.13.6-rc1

3.14.0

3.14.0-b1

3.14.0-rc1

3.14.1-b1

3.2.0

3.2.0-b3

3.2.0-b4

3.2.0-rc1

3.2.0-rc2

3.2.1

3.2.1-b1

3.2.1-b2

3.2.1-b3

3.2.1-rc1

3.3.0

3.3.0-b1

3.3.0-b2

3.3.0-rc1

3.3.0-rc2

3.3.0-rc3

3.3.1-b1

3.3.1-b2

3.3.1-b3

3.3.1-b4

3.4.0

3.4.0-rc1

3.4.0-rc2

3.5.0

3.5.0-b1

3.5.0-b2

3.5.0-b3

3.5.0-rc1

3.5.1

3.5.1-b2

3.6.0

3.6.0-b1

3.6.0-b3

3.6.0-b4

3.6.0-b5

3.6.0-rc1

3.6.0-rc2

3.6.1

3.6.1-b1

3.6.1-b2

3.6.1-b3

3.6.1-rc1

3.7.0

3.7.0-rc1

3.7.0-rc2

3.7.0-rc3

3.8.0

3.8.0-b1

3.8.0-b2

3.8.0-b4

3.8.0-b5

3.8.0-rc1

3.8.0-rc2

3.8.0-rc3

3.8.1

3.8.1-b1

3.8.1-rc1

3.9.0

3.9.0-b1

3.9.0-b2

3.9.0-b3

3.9.0-rc1

3.9.0-rc2

3.9.1

3.9.1-b1

3.9.1-rc1

4.*

4.0.0

4.0.0-a1

4.0.0-a2

4.0.0-b2

4.0.0-b3

4.0.0-b4

4.0.0-rc1

4.0.0-rc2

4.0.0-rc3

4.0.0-rc4

4.0.0-rc5

4.0.0-rc6

4.0.0-rc7

4.0.1

4.0.1-b1

4.0.2

4.0.3

4.0.4

4.0.4-b1

4.0.5

4.0.5-b1

4.1.0

4.1.0-b1

4.1.0-b2

4.1.0-rc1

4.1.0-rc2

4.1.1

4.1.1-b1

4.1.1-b2

4.1.2-rc1

4.1.2-rc2

4.10.0

4.10.0-rc1

4.10.1

4.11.0-rc1

4.11.0-rc2

4.11.0-rc3

4.11.0-rc4

4.12.0

4.12.0-rc1

4.12.0-rc2

4.12.1

4.12.2

4.12.3

4.12.3-rc1

4.13.0

4.13.0-rc2

4.13.1

4.13.1-rc1

4.13.1-rc2

4.13.2

4.13.3

4.14.0

4.14.0-rc1

4.14.1

4.2.0

4.2.0-rc3

4.2.1

4.2.1-b1

4.2.1-rc1

4.3.0

4.3.0-b1

4.3.0-b2

4.3.0-b3

4.3.0-rc1

4.3.0-rc2

4.3.1

4.3.1-rc1

4.4.0

4.4.0-b1

4.4.0-rc1

4.4.0-rc2

4.4.0-rc3

4.4.1

4.4.1-rc1

4.5.0-b1

4.5.0-b2

4.5.0-b3

4.5.0-rc1

4.6.0-b1

4.6.0-b2

4.6.0-b3

4.6.0-rc1

4.7.0

4.7.0-b2

4.7.0-rc1

4.7.0-rc2

4.7.1

4.9.0

4.9.0-rc1

5.*

5.0.0-b1

5.0.0-b2

5.0.0-b3

5.0.0-b4

5.0.0-b5

5.0.0-rc1

5.0.0-rc2

5.0.0-rc3

5.0.0-rc4

5.0.0-rc5

5.0.0-rc8

5.0.0-rc9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-6923.json"