4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:M/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
14.0%
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress Leyka plugin 3.30.3 and earlier versions, which stems from not cleaning up and escaping some of its settings, and can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress leyka plugin | le | 3.30.3 |