CVE-2023-5819 in Amazonify Plugininfo

Summary

by MITRE • 11/07/2023

The Amazonify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. However, please note that this can also be combined with CVE-2023-5818 for CSRF to XSS.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 04/11/2026

The vulnerability identified as CVE-2023-5819 affects the Amazonify plugin for WordPress, representing a critical stored cross-site scripting flaw that undermines web application security. This vulnerability exists in all plugin versions up to and including 0.8.1, creating a persistent threat vector that can compromise user sessions and execute malicious code within the context of affected websites. The flaw specifically targets administrative settings within the plugin's interface, where insufficient input sanitization and output escaping mechanisms fail to properly validate or encode user-supplied data before it is stored and subsequently rendered in web pages. The vulnerability's impact is particularly severe because it requires only administrator-level permissions or higher, making it accessible to attackers who have already gained administrative access to a WordPress installation, though it can also be leveraged in combination with other vulnerabilities to expand attack surface.

The technical implementation of this vulnerability stems from inadequate data validation practices within the plugin's codebase, where user inputs are not properly sanitized before being stored in the database. This creates a stored XSS condition where malicious scripts can be injected and persistently executed whenever legitimate users access pages containing the compromised content. The vulnerability is specifically confined to multi-site WordPress installations and environments where the unfiltered_html capability has been disabled, which represents a significant operational constraint but also highlights the importance of proper privilege management and security configurations within WordPress environments. The combination of CVE-2023-5819 with CVE-2023-5818 creates a particularly dangerous attack scenario, as the latter vulnerability allows for cross-site request forgery that can be exploited to deliver the malicious payloads required for the stored XSS attack.

From an operational perspective, this vulnerability poses significant risks to organizations relying on WordPress for their web presence, particularly those utilizing multi-site configurations with strict security policies. The stored nature of the vulnerability means that once exploited, malicious scripts can affect multiple users over extended periods, potentially leading to session hijacking, data exfiltration, or further compromise of the affected systems. The requirement for administrator-level access, while limiting the initial attack surface, does not eliminate the severity of impact, as compromised administrative accounts represent a critical security breach that can lead to complete system compromise. Organizations using the Amazonify plugin must understand that this vulnerability can be leveraged to establish persistent backdoors or to perform actions that would otherwise require legitimate administrative privileges.

Mitigation strategies for CVE-2023-5819 should prioritize immediate plugin updates to versions that address the identified sanitization and escaping deficiencies, while also implementing comprehensive monitoring of administrative activities within WordPress installations. Security teams should conduct thorough audits of multi-site configurations to identify all instances of the vulnerable plugin and ensure proper input validation is implemented across all administrative interfaces. The vulnerability's classification aligns with CWE-79, which addresses cross-site scripting flaws, and can be mapped to ATT&CK technique T1548.001 for privilege escalation through administrative access. Organizations should also consider implementing web application firewalls to detect and block suspicious input patterns, while establishing strict access controls and monitoring for unauthorized administrative activities. The combination of this vulnerability with CVE-2023-5818 underscores the importance of multi-layered security approaches that address both authentication and input validation concerns within web applications.

Responsible

Wordfence

Reservation

10/26/2023

Disclosure

11/07/2023

Moderation

accepted

CPE

ready

EPSS

0.00486

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!