CVE-2023-6807 in GeneratePress Premium Plugin
Summary
by MITRE • 02/06/2024
The GeneratePress Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom meta output in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 04/11/2026
The CVE-2023-6807 vulnerability resides within the GeneratePress Premium WordPress plugin, specifically targeting versions up to and including 2.3.2. This security flaw represents a critical stored cross-site scripting vulnerability that exploits the plugin's custom meta output functionality. The vulnerability manifests when authenticated attackers with contributor-level permissions or higher manipulate user-supplied attributes through the plugin's interface, creating a persistent threat that can affect any user who accesses the compromised pages.
The technical root cause of this vulnerability stems from inadequate input sanitization and output escaping mechanisms within the plugin's codebase. When administrators or contributors input data through the plugin's custom meta fields, the system fails to properly validate or sanitize the user-supplied attributes before storing them in the database. This insufficient sanitization allows malicious scripts to be stored as legitimate content, creating a persistent XSS payload that remains dormant until accessed by other users. The vulnerability specifically affects the plugin's handling of custom meta output, where user input is directly incorporated into HTML output without proper escaping mechanisms.
The operational impact of this vulnerability extends beyond simple script execution, as it enables attackers to perform various malicious activities through the compromised WordPress installation. Authenticated attackers can inject scripts that steal session cookies, redirect users to malicious sites, deface pages, or even establish persistent backdoors within the WordPress environment. Since the vulnerability requires only contributor-level permissions, it represents a significant risk for WordPress sites that do not properly enforce role-based access controls or monitor user activities. The stored nature of the vulnerability means that once injected, malicious scripts will execute automatically whenever any user accesses the affected pages, creating a continuous threat vector.
Mitigation strategies for CVE-2023-6807 should focus on immediate remediation and ongoing security enhancements. The primary solution involves upgrading to the latest version of the GeneratePress Premium plugin where the vulnerability has been addressed through proper input sanitization and output escaping implementations. Organizations should also implement comprehensive monitoring of user activities, particularly for contributors and editors who have the capability to inject content. Network-based solutions such as web application firewalls can provide additional protection layers, while security teams should conduct thorough audits of all plugins and themes to identify similar sanitization gaps. This vulnerability aligns with CWE-79, which specifically addresses cross-site scripting flaws, and represents a clear violation of the principle of least privilege as outlined in various security frameworks including the NIST Cybersecurity Framework. The ATT&CK framework categorizes this vulnerability under T1548.001 for Abuse of Functionality, as attackers exploit legitimate plugin features to achieve unauthorized code execution.