exploitDog

CVE-2016-10941

Опубликовано: 13 сент. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.

Ссылки

https://blog.ripstech.com/2016/the-state-of-wordpress-security/
Third Party Advisory
https://github.com/podlove/podlove-publisher/blob/master/changelog.txt
Release Notes
https://wordpress.org/plugins/podlove-podcasting-plugin-for-wordpress/#developers
Release Notes
https://blog.ripstech.com/2016/the-state-of-wordpress-security/
Third Party Advisory
https://github.com/podlove/podlove-publisher/blob/master/changelog.txt
Release Notes
https://wordpress.org/plugins/podlove-podcasting-plugin-for-wordpress/#developers
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:podlove:podlove_podcast_publisher:*:*:*:*:*:wordpress:*:*

Версия до 2.3.16 (исключая)

EPSS

Процентиль: 49%

0.0026

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-chv7-5262-hrhf

github

больше 3 лет назад

The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.

EPSS

Процентиль: 49%

0.0026

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79