exploitDog

CVE-2022-37328

Опубликовано: 23 сент. 2022

Источник: nvd

CVSS3: 3.4

CVSS3: 5.4

EPSS Низкий

Описание

Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in Themes Awesome History Timeline plugin <= 1.0.5 at WordPress.

Ссылки

https://patchstack.com/database/vulnerability/timeline-awesome/wordpress-history-timeline-plugin-1-0-5-authenticated-stored-cross-site-scripting-xss-vulnerability/_s_id=cve
Broken Link
Third Party Advisory
https://wordpress.org/plugins/timeline-awesome/
Third Party Advisory
https://patchstack.com/database/vulnerability/timeline-awesome/wordpress-history-timeline-plugin-1-0-5-authenticated-stored-cross-site-scripting-xss-vulnerability/_s_id=cve
Broken Link
Third Party Advisory
https://wordpress.org/plugins/timeline-awesome/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:themesawesome:timeline_awesome:*:*:*:*:*:wordpress:*:*

Версия до 1.0.5 (включая)

EPSS

Процентиль: 41%

0.00192

Низкий

3.4 Low

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-cpqw-x96c-hvhh

CVSS3: 5.4

github

больше 3 лет назад

Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in Themes Awesome History Timeline plugin <= 1.0.5 at WordPress.

EPSS

Процентиль: 41%

0.00192

Низкий

3.4 Low

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79