Lucene search
PatchstackCVE-2023-22718HistoryApr 23, 2023 - 10:15 a.m.
CVE-2023-22718
2023-04-2310:15:07
CWE-79
Patchstack
web.nvd.nist.gov
19
cve-2023
22718
xss
vulnerability
jason lau user meta manager plugin
nvd
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
18.2%
Reflected Cross-Site Scripting (XSS) vulnerability in Jason Lau User Meta Manager plugin <=Β 3.4.9 versions.
Affected configurations
Node
user_meta_manager_projectuser_meta_managerRange<3.5.0wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| user_meta_manager_project | user_meta_manager | * | cpe:2.3:a:user_meta_manager_project:user_meta_manager:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "user-meta-manager",
"product": "User Meta Manager",
"vendor": "Jason Lau",
"versions": [
{
"changes": [
{
"at": "3.5.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.4.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
User Meta Manager <= 3.4.9 - CSRF
2023-01-10 00:00:00
User Meta Manager <= 3.4.9 - Reflected XSS
2023-01-19 00:00:00
cvelist
cvelist
prion
prion
Cross site scripting
2023-04-23 10:15:00
nvd
nvd
CVE-2023-22718
2023-04-23 10:15:07
vulnrichment
vulnrichment
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
18.2%
Related for CVE-2023-22718