exploitDog

CVE-2017-9288

Опубликовано: 29 мая 2017

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected XSS in sendtesterror.php (backurl parameter).

Ссылки

http://jgj212.blogspot.kr/2017/05/a-reflected-xss-vulnerability-in.html
Exploit
Third Party Advisory
https://github.com/MindscapeHQ/raygun4wordpress/issues/16
Third Party Advisory
https://github.com/MindscapeHQ/raygun4wordpress/pull/17
Third Party Advisory
https://wpvulndb.com/vulnerabilities/8836
http://jgj212.blogspot.kr/2017/05/a-reflected-xss-vulnerability-in.html
Exploit
Third Party Advisory
https://github.com/MindscapeHQ/raygun4wordpress/issues/16
Third Party Advisory
https://github.com/MindscapeHQ/raygun4wordpress/pull/17
Third Party Advisory
https://wpvulndb.com/vulnerabilities/8836

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:raygun:raygun4wp:1.8.0:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 86%

0.02863

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-5vr8-8w2c-45pm

CVSS3: 6.1

github

больше 3 лет назад

The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected XSS in sendtesterror.php (backurl parameter).

EPSS

Процентиль: 86%

0.02863

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79