exploitDog

CVE-2019-17070

Опубликовано: 10 окт. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin before 1.0.7 for WordPress allows XSS with Internet Explorer.

Ссылки

https://gist.github.com/rezaduty/18afedba24bb1e5835010bd2de67cece
Third Party Advisory
https://wordpress.org/plugins/liquid-speech-balloon/#developers
Release Notes
Vendor Advisory
https://gist.github.com/rezaduty/18afedba24bb1e5835010bd2de67cece
Third Party Advisory
https://wordpress.org/plugins/liquid-speech-balloon/#developers
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:lqd:liquid_speech_balloon:1.0.5:*:*:*:*:wordpress:*:*

cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.00439

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-p45j-pm3v-56h2

CVSS3: 6.1

github

больше 3 лет назад

The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin 1.0.5 for WordPress allows XSS with Internet Explorer.

EPSS

Процентиль: 63%

0.00439

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79