exploitDog

CVE-2016-11001

Опубликовано: 20 сент. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field.

Ссылки

https://wordpress.org/plugins/user-submitted-posts/#developers
Product
Third Party Advisory
https://www.securityfocus.com/archive/1/537616/30/0/threaded
Exploit
Third Party Advisory
VDB Entry
https://wordpress.org/plugins/user-submitted-posts/#developers
Product
Third Party Advisory
https://www.securityfocus.com/archive/1/537616/30/0/threaded
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:plugin-planet:user_submitted_posts:*:*:*:*:*:wordpress:*:*

Версия до 20160215 (исключая)

EPSS

Процентиль: 39%

0.00174

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-c3mh-rg37-jh5p

github

больше 3 лет назад

The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field.

EPSS

Процентиль: 39%

0.00174

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79