exploitDog

CVE-2020-11731

Опубликовано: 13 апр. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript.

Ссылки

https://wordpress.org/plugins/media-library-assistant/#developers
Release Notes
Vendor Advisory
https://wordpress.org/plugins/media-library-assistant/#developers
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:davidlingren:media_library_assistant:*:*:*:*:*:wordpress:*:*

Версия до 2.82 (исключая)

EPSS

Процентиль: 62%

0.00431

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-3p5c-rjfv-r2rv

CVSS3: 6.1

github

больше 3 лет назад

The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript.

EPSS

Процентиль: 62%

0.00431

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79