{"id":"CVE-2023-27926","details":"Cross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.","modified":"2026-05-18T05:56:33.135685646Z","published":"2023-05-23T00:00:00Z","database_specific":{"cna_assigner":"jpcert","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/27xxx/CVE-2023-27926.json","unresolved_ranges":[{"extracted_events":[{"last_affected":"9.88.1.0 and earlier"}],"source":"AFFECTED_FIELD"}]},"references":[{"type":"WEB","url":"https://jvn.jp/en/jp/JVN95792402/"},{"type":"WEB","url":"https://www.vektor-inc.co.jp/product-update/vk-blocks-exunit-xss/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/27xxx/CVE-2023-27926.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27926"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/vektor-inc/vk-all-in-one-expansion-unit","events":[{"introduced":"0"},{"fixed":"b7d8bbff13702b903c740d3e1295b22169e1a0ea"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"9.88.2.0"}],"cpe":"cpe:2.3:a:vektor-inc:vk_all_in_one_expansion_unit:*:*:*:*:*:wordpress:*:*","source":"CPE_FIELD"}}],"versions":["9.88.1.0","9.88.0.0","9.87.3.0","9.87.2.1","9.87.2.0","9.87.1.0","9.87.0.1","9.87.0.0","9.86.2.0","9.86.1.0","9.86.0.1","9.86.0.0","9.85.0.1","9.85.0.0","9.84.3.0","9.84.2.0","9.84.1.0","9.84.0.0","9.83.1.0","9.83.0.0","9.82.0.0","9.81.3.0","9.81.2.0","9.81.1.0","9.81.0.1","9.81.0.0","9.80.1.0","9.80.0.0","9.79.0.0","9.78.1.0","9.78.0.1","9.77.0.0","9.76.3.0","9.76.2.0","9.76.1.0","9.76.0.1","9.76.0.0","9.75.0.0","9.74.2.0","9.74.1.0","9.74.0.0","9.73.3.0","9.73.2.0","9.73.0.1","9.73.0.0","9.72.0.0","9.71.1.1","9.71.0.27","9.71.0.26","9.71.0.15","9.71.0.14","9.71.0.13","9.71.0.12","9.71.0.11","9.71.0.10","push","9.71.0.6","9.71.0.5","9.71.0.4","9.71.0.2","9.71.0.1","9.71.0.0","9.70.2.0","9.70.1.0","9.70.0.0","9.69.3.0","9.69.2.0","9.69.1.0","9.69.0.0","9.68.4.0","9.68.3.0","9.68.2.0","9.68.1.0","9.68.0.1","9.68.0.0","9.67.2.0","9.67.1.0","9.67.0.0","9.66.2.0","9.66.1.1","9.66.1.0","9.66.01","9.66.0.1","9.66.0.0","9.65.0.0","9.64.5.0","9.64.4.0","9.64.3.2","9.64.3.1","9.64.3.0","9.64.2.0","9.64.1.0","9.63.1.0","9.63.0.0","9.62.0.0","9.61.6.0","9.61.5.0","9.61.4.0","9.61.3.0","9.61.2.0","9.61.1.1","9.61.1.0","9.61.0.0","9.60.1.0","9.60.0.0","9.48.1.0","9.48.0.0","9.47.0.0","9.46.1.0","9.46.0.0","9.45.0.0","9.44.2.0","9.44.1.0","9.44.0.9","9.44.0.8","9.44.0.7","0.0.0.3","0.0.0.1","0.0.0","9.44.0.6","9.44.0.5","9.44.0.4","9.44.0.3","9.44.0.2","9.44.0.1","9.44.0.0","9.43.2.0","9.43.1.0","9.43.0.0","9.42.1.0","9.42.0.0","9.41.0.0","9.40.0.0","9.39.0.0","9.38.0.0","9.37.2.0","9.37.1.1","9.37.1.0","9.37.0.0","9.36.1.0","9.35.0.0","9.34.1.0","9.34.0.0","9.33.0.0","9.32.0.0","9.31.11.0","9.31.10.0","9.31.8.0","9.31.0.0","9.30.2.0","9.30.0.1","9.30.0.0","9.29.7.0","9.29.6.0","9.29.5.0","9.29.4.0","9.29.3.0","9.29.2.0","9.29.1.0","9.29.0.0","9.28.3.0","9.28.2.0","9.28.1.0","9.28.0.0","9.27.0.2","9.26.2.0","9.26.1.0","9.26.0.0","9.24.0.0","9.22.1.0","9.22.0.0","9.21.0.0","9.20.0.0","9.19.0.0","9.18.1.0","9.18.0.2","9.18.0.1","9.18.0.0","9.17.0.0","9.16.2.0","9.16.1.0","9.16.0.2","9.16.0.1","9.16.0.0","9.15.5.0","9.15.4.0","9.15.3.0","9.15.2.1","9.15.1.2","9.15.1.1","9.15.1.0","9.15.0.0","9.14.0.0","9.13.1.0","9.13.0.0","9.12.0.1","9.12.0.0","9.11.5.0","9.11.4.0","9.11.3.0","9.11.2.0","9.11.1.0","9.11.0.0","9.10.1.0","9.10.0.1","9.10.0.0","9.9.0.0","9.8.3.0","9.8.2.0","9.8.1.0","9.8.0.3","9.8.0.1","6.4.9","6.4.8","6.4.6","6.3.1","6.1.2","5.7.0","5.6.0","5.5.0","5.4.7","5.4.5","5.4.2","5.4.1","5.3.8","5.3.5","5.3.4","5.3.3","5.3.2","5.2.9","5.2.8","5.2.7","5.2.0","5.1.0","5.0.3","5.0.0","4.7.0","4.6.4","4.6.2","4.6.1","4.5.1","4.5.0","4.4.1","4.3.7","4.3.3","4.3.2","4.3.1","4.2.0","4.1.5","4.1.4","4.0.10","4.0.9","4.0.8","4.0.5","4.0.1","4.0.0","3.8.0","3.7.10","3.7.7","3.7.6","3.7.3","3.7.2","3.7.1","3.7.0","3.6.3","3.5.3","3.5.2","3.5.1","3.5.0","3.4.0","3.3.0","3.2.0","3.1.3","3.0.2","3.0.1","3.0.0","2.3.6","2.3.5","2.3.4","2.3.3","2.3.2","2.3.1","2.3.0","2.2.5","2.2.0","2.1.1","1.0.8","0.1.5.1","0.1.5.0","0.1.4.0","0.1.3.1","0.1.2.0","0.0.0.2"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-27926.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}