CVE-2015-9273

Опубликовано: 07 окт. 2018

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for WordPress has XSS via an HTTP Referer header, or via a field associated with JavaScript-based Referer tracking.

Ссылки

http://plugins.svn.wordpress.org//wp-slimstat/tags/4.1.6.1/readme.txt
Release Notes
Third Party Advisory
https://plugins.trac.wordpress.org/changeset/1204104
Release Notes
Third Party Advisory
https://www.openwall.com/lists/oss-security/2015/07/30/1
Mailing List
Third Party Advisory
http://plugins.svn.wordpress.org//wp-slimstat/tags/4.1.6.1/readme.txt
Release Notes
Third Party Advisory
https://plugins.trac.wordpress.org/changeset/1204104
Release Notes
Third Party Advisory
https://www.openwall.com/lists/oss-security/2015/07/30/1
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wp-slimstat:slimstat_analytics:*:*:*:*:*:wordpress:*:*

Версия до 4.1.6.1 (исключая)

EPSS

Процентиль: 48%

0.0025

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-w2m4-gcxr-vmhm