exploitDog

CVE-2021-26256

Опубликовано: 21 фев. 2022

Источник: nvd

CVSS3: 4.7

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Survey Maker WordPress plugin (versions <= 2.0.6).

Ссылки

https://patchstack.com/database/vulnerability/survey-maker/wordpress-survey-maker-plugin-2-0-6-unauthenticated-stored-cross-site-scripting-xss-vulnerability
Exploit
Third Party Advisory
https://wordpress.org/plugins/survey-maker/#developers
Release Notes
Vendor Advisory
https://patchstack.com/database/vulnerability/survey-maker/wordpress-survey-maker-plugin-2-0-6-unauthenticated-stored-cross-site-scripting-xss-vulnerability
Exploit
Third Party Advisory
https://wordpress.org/plugins/survey-maker/#developers
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ays-pro:survey_maker:*:*:*:*:*:wordpress:*:*

Версия до 2.0.6 (включая)

EPSS

Процентиль: 79%

0.01293

Низкий

4.7 Medium

CVSS3

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-2h38-3p2h-p683

github

больше 3 лет назад

Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Survey Maker WordPress plugin (versions <= 2.0.6).

EPSS

Процентиль: 79%

0.01293

Низкий

4.7 Medium

CVSS3

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

CWE-79