exploitDog

CVE-2023-4826

Опубликовано: 23 фев. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

The SocialDriver WordPress theme before version 2024 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties resulting in a cross-site scripting (XSS) attack.

Ссылки

http://socialdriver.com
Product
https://wpscan.com/vulnerability/99ec0add-8f4d-4d68-91aa-80b1631a53bf/
Third Party Advisory
http://socialdriver.com
Product
https://wpscan.com/vulnerability/99ec0add-8f4d-4d68-91aa-80b1631a53bf/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:socialdriver:socialdriver:*:*:*:*:*:wordpress:*:*

Версия до 2024 (исключая)

EPSS

Процентиль: 31%

0.00117

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-2pwj-8mjg-j34f

CVSS3: 6.1

github

почти 2 года назад

The SocialDriver WordPress theme before version 2024 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties resulting in a cross-site scripting (XSS) attack.

EPSS

Процентиль: 31%

0.00117

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79