VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-u5f6-hy8m-5qd6

Weaknesses (3)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2023-41661
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2023-41661

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2023-41661
		https://patchstack.com/database/vulnerability/smarty-for-wordpress/wordpress-smarty-for-wordpress-plugin-3-1-35-cross-site-scripting-xss-vulnerability?_s_id=cve
CVE-2023-41661		https://nvd.nist.gov/vuln/detail/CVE-2023-41661

No exploits are available.

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Date	Actor	Action	Source	VulnerableCode Version
2026-06-12T02:17:57.476828+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	38.6.0