Lucene search
HistorySep 23, 2022 - 2:15 p.m.
CVE-2022-37338
cve
2022
37338
authenticated
stored
xss
blossom recipe maker
plugin
wordpress
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
22.9%
Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Blossom Recipe Maker plugin <= 1.0.7 at WordPress.
Affected configurations
Node
blossomthemesblossom_recipe_makerRange≤1.0.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| blossomthemes | blossom_recipe_maker | * | cpe:2.3:a:blossomthemes:blossom_recipe_maker:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Blossom Recipe Maker (WordPress plugin)",
"vendor": "Blossomthemes",
"versions": [
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "<= 1.0.7",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
cvelist
cvelist
nvd
nvd
CVE-2022-37338
2022-09-23 14:15:12
patchstack
patchstack
wpvulndb
wpvulndb
Blossom Recipe Maker < 1.0.8 - Contributor+ Stored Cross-Site Scripting
2022-09-01 00:00:00
prion
prion
Cross site scripting
2022-09-23 14:15:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
22.9%
Related for CVE-2022-37338