Lucene search
HistoryMay 04, 2023 - 1:15 p.m.
CVE-2022-45818
cve-2022-45818
authentication
contributor
stored xss
cross-site scripting
xss
vulnerability
wp onlinesupport
essential plugin hero banner ultimate
nvd
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.7%
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate plugin <= 1.3.4 versions.
Affected configurations
Node
wp_onlinesupport\,_essential_pluginhero_banner_ultimateRange≤1.3.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| essentialplugin:hero_banner_ultimate | essentialplugin hero banner ultimate | le | 1.3.4 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "hero-banner-ultimate",
"product": "Hero Banner Ultimate",
"vendor": "WP OnlineSupport, Essential Plugin",
"versions": [
{
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-45818
2023-05-04 13:15:13
prion
prion
Cross site scripting
2023-05-04 13:15:00
cvelist
cvelist
wpvulndb
wpvulndb
Hero Banner Ultimate <= 1.3.4 - Contributor+ Stored XSS
2023-02-22 00:00:00
wordfence
wordfence
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.7%
Related for CVE-2022-45818