Lucene search
HistoryMay 27, 2015 - 6:59 p.m.
CVE-2015-4065
cve-2015-4065
xss
vulnerability
shared/shortcodes/inbound-shortcodes.php
landing pages plugin
wordpress
remote authenticated users
web script
html
post parameter
wp-admin/post-new.php
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.4%
Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php.
Affected configurations
Node
landing_pages_projectlanding_pagesRange≤1.8.4wordpress
| CPE | Name | Operator | Version |
|---|---|---|---|
| landing_pages_project:landing_pages | landing pages project landing pages | le | 1.8.4 |
Related
prion
prion
Cross site scripting
2015-05-27 18:59:00
nvd
nvd
CVE-2015-4065
2015-05-27 18:59:06
seebug
seebug
WordPress Landing Pages 1.8.4 Cross Site Scripting ( CVE-2015-4065 )
2015-09-21 00:00:00
patchstack
patchstack
WordPress Landing Pages Plugin <= 1.8.4 - XSS
2015-05-26 00:00:00
cvelist
cvelist
CVE-2015-4065
2015-05-27 18:00:00
zdt
zdt
packetstorm
packetstorm
WordPress Landing Pages 1.8.4 Cross Site Scripting / SQL Injection
2015-05-25 00:00:00
exploitpack
exploitpack
WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities
2015-05-26 00:00:00
wpvulndb
wpvulndb
WordPress Landing Pages <= 1.8.4 - XSS & SQL Injection
2015-05-25 00:00:00
exploitdb
exploitdb
WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities
2015-05-26 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.4%
Related for CVE-2015-4065