exploitDog

CVE-2018-5366

Опубликовано: 12 янв. 2018

Источник: nvd

CVSS3: 4.8

CVSS2: 3.5

EPSS Низкий

Описание

The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[more_languages] parameter to wp-admin/options.php.

Ссылки

https://github.com/d4wner/Vulnerabilities-Report/blob/master/wpglobus.md
Exploit
Third Party Advisory
https://wpvulndb.com/vulnerabilities/9003
Third Party Advisory
VDB Entry
https://github.com/d4wner/Vulnerabilities-Report/blob/master/wpglobus.md
Exploit
Third Party Advisory
https://wpvulndb.com/vulnerabilities/9003
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wpglobus:wpglobus:1.9.6:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 54%

0.0031

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-35mh-f6p8-pj2c

CVSS3: 4.8

github

больше 3 лет назад

WPGlobus plugin Stored XSS & CSRF security vulnerability

EPSS

Процентиль: 54%

0.0031

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79