Lucene search

CVE-2018-9034

🗓️ 04 Apr 2018 19:00:29Reported by mitreType

cve🔗 web.nvd.nist.gov👁 38 Views🌐 WEB

Cross-site scripting vulnerability in Relevanssi plugin for WordPres

Reporter	Title	Published	Views	Family All 9
Packet Storm	WordPress Relevanssi 4.0.4 Cross Site Scripting	31 Mar 201800:00	–	packetstorm
WPVulnDB	Relevanssi <= 4.0.4 - Cross-Site Scripting (XSS)	30 Mar 201800:00	–	wpvulndb
Exploit DB	WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting	30 Mar 201800:00	–	exploitdb
Prion	Cross site scripting	4 Apr 201819:29	–	prion
exploitpack	WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting	30 Mar 201800:00	–	exploitpack
Cvelist	CVE-2018-9034	4 Apr 201819:00	–	cvelist
NVD	CVE-2018-9034	4 Apr 201819:29	–	nvd
Patchstack	WordPress Relevanssi plugin <=4.0.4 - Cross-Site Scripting (XSS) vulnerability	9 Apr 201800:00	–	patchstack
0day.today	Wordpress Relevanssi 4.0.4 Plugin - Reflected Cross-Site Scripting Vulnerability	30 Mar 201800:00	–	zdt

Nvd

Node

relevanssi relevanssiRange≤4.0.4wordpress

Source	Link
exploit-db	www.exploit-db.com/exploits/44366/

Parameter	Position	Path	Description	CWE
tab	query param	/wp-admin/options-general.php	Reflected cross-site scripting (XSS) vulnerability in the Relevanssi plugin that allows the injection of arbitrary JavaScript or HTML via the tab GET parameter.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Apr 2018 19:29Current

5.4Medium risk

Vulners AI Score5.4

CVSS23.5

CVSS35.4

EPSS0.00105

CWE-79