Lucene search
HistoryDec 06, 2022 - 3:15 p.m.
CVE-2022-40209
cve-2022-40209
unauthenticated
reflected xss
xylus themes
wp smart import
wordpress
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
31.5%
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability inΒ Xylus Themes WP Smart Import plugin <=Β 1.0.2 on WordPress.
Affected configurations
Node
xylus_themeswp_smart_importRangeβ€1.0.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| xylusthemes:wp_smart_import | xylusthemes wp smart import | le | 1.0.2 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "WP Smart Import",
"vendor": "Xylus Themes",
"versions": [
{
"changes": [
{
"at": "1.0.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-40209
2022-12-06 15:15:15
wpvulndb
wpvulndb
WP Smart Import < 1.0.3 - Reflected Cross-Ste Scripting
2022-12-06 00:00:00
cvelist
cvelist
patchstack
patchstack
prion
prion
Cross site scripting
2022-12-06 15:15:00
openvas
openvas
WordPress WP Smart Import Plugin < 1.0.3 XSS Vulnerability
2023-09-21 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
31.5%
Related for CVE-2022-40209