What the vulnerability does
01Description
This vulnerability could allow an attacker to store a malicious JavaScript payload in the broadcast message parameter within the admin panel.
CVE-2023-4564
MEDIUM
CVE-2023-4564: Multiple vulnerabilities in Canopsis of Capensis
CVSS base score
4.7/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Key dates
02Disclosure timeline
October 3, 2023
CVE published
October 1, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-54024 WordPress WPAdverts plugin <= 2.2.5 - Cross Site Scripting (XSS) Vulnerability
CVE-2024-28002 WordPress Cornerstone plugin <= 0.8.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2026-34212 Docmost page content has stored XSS via unsanitized attachment URLs
CVE-2025-53926 Emlog has Stored Cross-site Scripting vulnerability due to error
CVE-2025-67964 WordPress Homey Core plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability
