exploitDog

CVE-2020-8799

Опубликовано: 05 мая 2020

Источник: nvd

CVSS3: 4.8

CVSS2: 3.5

EPSS Низкий

Описание

A Stored XSS vulnerability has been found in the administration page of the WTI Like Post plugin through 1.4.5 for WordPress. Once the administrator has submitted the data, the script stored is executed for all the users visiting the website.

Ссылки

https://wordpress.org/plugins/wti-like-post/#developers
Product
Third Party Advisory
https://wpvulndb.com/vulnerabilities/10210
Third Party Advisory
https://wordpress.org/plugins/wti-like-post/#developers
Product
Third Party Advisory
https://wpvulndb.com/vulnerabilities/10210
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webtechideas:wti_like_post:*:*:*:*:*:wordpress:*:*

Версия до 1.4.5 (включая)

EPSS

Процентиль: 40%

0.00186

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-fg28-v9fx-wgww

github

больше 3 лет назад

A Stored XSS vulnerability has been found in the administration page of the WTI Like Post plugin through 1.4.5 for WordPress. Once the administrator has submitted the data, the script stored is executed for all the users visiting the website.

EPSS

Процентиль: 40%

0.00186

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79