Lucene search
PatchstackCVE-2022-42460HistoryNov 10, 2022 - 10:15 p.m.
CVE-2022-42460
2022-11-1022:15:15
CWE-264
CWE-79
Patchstack
web.nvd.nist.gov
37
7
cve
2022
42460
broken access control
stored cross-site scripting
xss
traffic manager plugin
wordpress
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
19.4%
Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS) in Traffic Manager plugin <= 1.4.5 on WordPress.
Affected configurations
Node
sedlextraffic_managerRange≤1.4.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sedlex | traffic_manager | * | cpe:2.3:a:sedlex:traffic_manager:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"vendor": "SedLex",
"product": "Traffic Manager (WordPress plugin)",
"versions": [
{
"version": "<= 1.4.5",
"status": "affected",
"lessThanOrEqual": "1.4.5",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
cvelist
cvelist
prion
prion
Cross site scripting
2022-11-10 22:15:00
wpvulndb
wpvulndb
Traffic Manager <= 1.4.5 - Subscriber+ Stored Cross-Site Scripting
2022-10-24 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2022-42460
2022-11-10 22:15:15
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
19.4%
Related for CVE-2022-42460