Lucene search
HistoryMay 10, 2023 - 10:15 a.m.
CVE-2022-33961
cve-2022-33961
auth
admin+
stored cross-site scripting
xss
waspthemes
visual css style editor
nvd
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.9 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.5%
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WaspThemes Visual CSS Style Editor plugin <=Β 7.5.8 versions.
Affected configurations
Node
waspthemesvisual_css_style_editorRangeβ€7.5.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| waspthemes | visual_css_style_editor | * | cpe:2.3:a:waspthemes:visual_css_style_editor:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "yellow-pencil-visual-theme-customizer",
"product": "Visual CSS Style Editor",
"vendor": "WaspThemes",
"versions": [
{
"changes": [
{
"at": "7.5.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.5.8",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2023-05-10 10:15:00
nvd
nvd
CVE-2022-33961
2023-05-10 10:15:09
wpvulndb
wpvulndb
YellowPencil Visual CSS Style Editor < 7.5.9 - Admin+ Stored XSS
2023-04-18 00:00:00
cvelist
cvelist
wordfence
wordfence
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.9 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.5%
Related for CVE-2022-33961