Lucene search

[email protected]CVE-2015-10119

HistoryJul 10, 2023 - 4:15 p.m.

CVE-2015-10119

2023-07-1016:15:47

CWE-79

[email protected]

web.nvd.nist.gov

cve-2015-10119

view all posts page plugin

wordpress

cross site scripting

vulnerability

security

upgrade

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

33.0%

JSON

A vulnerability, which was classified as problematic, has been found in View All Posts Page Plugin up to 0.9.0 on WordPress. This issue affects the function action_admin_notices_activation of the file view-all-posts-pages.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 0.9.1 is able to address this issue. The patch is named bf914f3a59063fa4df8fd4925ae18a5d852396d7. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-233363.

Affected configurations

Vulners

NVD

Node

ivycatposts_in_pageMatch0.1

ivycatposts_in_pageMatch0.2

ivycatposts_in_pageMatch0.3

ivycatposts_in_pageMatch0.4

ivycatposts_in_pageMatch0.5

ivycatposts_in_pageMatch0.6

ivycatposts_in_pageMatch0.7

ivycatposts_in_pageMatch0.8

ivycatposts_in_pageMatch0.9

VendorProductVersionCPE
ivycatposts_in_page0.1cpe:2.3:a:ivycat:posts_in_page:0.1:*:*:*:*:*:*:*
ivycatposts_in_page0.2cpe:2.3:a:ivycat:posts_in_page:0.2:*:*:*:*:*:*:*
ivycatposts_in_page0.3cpe:2.3:a:ivycat:posts_in_page:0.3:*:*:*:*:*:*:*
ivycatposts_in_page0.4cpe:2.3:a:ivycat:posts_in_page:0.4:*:*:*:*:*:*:*
ivycatposts_in_page0.5cpe:2.3:a:ivycat:posts_in_page:0.5:*:*:*:*:*:*:*
ivycatposts_in_page0.6cpe:2.3:a:ivycat:posts_in_page:0.6:*:*:*:*:*:*:*
ivycatposts_in_page0.7cpe:2.3:a:ivycat:posts_in_page:0.7:*:*:*:*:*:*:*
ivycatposts_in_page0.8cpe:2.3:a:ivycat:posts_in_page:0.8:*:*:*:*:*:*:*
ivycatposts_in_page0.9cpe:2.3:a:ivycat:posts_in_page:0.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ivycat	posts_in_page	0.1	cpe:2.3:a:ivycat:posts_in_page:0.1:::::::*
ivycat	posts_in_page	0.2	cpe:2.3:a:ivycat:posts_in_page:0.2:::::::*
ivycat	posts_in_page	0.3	cpe:2.3:a:ivycat:posts_in_page:0.3:::::::*
ivycat	posts_in_page	0.4	cpe:2.3:a:ivycat:posts_in_page:0.4:::::::*
ivycat	posts_in_page	0.5	cpe:2.3:a:ivycat:posts_in_page:0.5:::::::*
ivycat	posts_in_page	0.6	cpe:2.3:a:ivycat:posts_in_page:0.6:::::::*
ivycat	posts_in_page	0.7	cpe:2.3:a:ivycat:posts_in_page:0.7:::::::*
ivycat	posts_in_page	0.8	cpe:2.3:a:ivycat:posts_in_page:0.8:::::::*
ivycat	posts_in_page	0.9	cpe:2.3:a:ivycat:posts_in_page:0.9:::::::*

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "View All Posts Page Plugin",
    "versions": [
      {
        "version": "0.1",
        "status": "affected"
      },
      {
        "version": "0.2",
        "status": "affected"
      },
      {
        "version": "0.3",
        "status": "affected"
      },
      {
        "version": "0.4",
        "status": "affected"
      },
      {
        "version": "0.5",
        "status": "affected"
      },
      {
        "version": "0.6",
        "status": "affected"
      },
      {
        "version": "0.7",
        "status": "affected"
      },
      {
        "version": "0.8",
        "status": "affected"
      },
      {
        "version": "0.9",
        "status": "affected"
      }
    ]
  }
]

References

github.com/wp-plugins/view-all-posts-pages/commit/bf914f3a59063fa4df8fd4925ae18a5d852396d7

vuldb.com/?ctiid.233363

vuldb.com/?id.233363

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

33.0%

JSON

Related for CVE-2015-10119

prion1 cvelist1 nvd1