exploitDog

CVE-2017-1002017

Опубликовано: 14 сент. 2017

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Vulnerability in wordpress plugin gift-certificate-creator v1.0, The code in gc-list.php doesn't sanitize user input to prevent a stored XSS vulnerability.

Ссылки

http://www.vapidlabs.com/advisory.php?v=191
Exploit
Patch
Third Party Advisory
https://wordpress.org/plugins/gift-certificate-creator/
Product
Third Party Advisory
http://www.vapidlabs.com/advisory.php?v=191
Exploit
Patch
Third Party Advisory
https://wordpress.org/plugins/gift-certificate-creator/
Product
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bobcares:gift-certificate-creator:1.0:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 68%

0.00562

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-5x4j-f676-6cj8

CVSS3: 6.1

github

больше 3 лет назад

Vulnerability in wordpress plugin gift-certificate-creator v1.0, The code in gc-list.php doesn't sanitize user input to prevent a stored XSS vulnerability.

EPSS

Процентиль: 68%

0.00562

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79