Lucene search
HistoryApr 06, 2023 - 11:15 a.m.
CVE-2023-24403
cve-2023-24403
auth
stored xss
cross-site scripting
wp for the win
bbpress voting
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
0.001 Low
EPSS
Percentile
21.2%
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP For The Win bbPress Voting plugin <=Β 2.1.11.0 versions.
Affected configurations
Node
wp_for_the_winbbpress_votingRangeβ€2.1.11.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| wpforthewin:bbpress_voting | wpforthewin bbpress voting | lt | 2.1.11.1 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "bbp-voting",
"product": "bbPress Voting",
"vendor": "WP For The Win",
"versions": [
{
"changes": [
{
"at": "2.1.11.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.1.11.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2023-04-06 11:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-24403
2023-04-06 11:15:06
wpvulndb
wpvulndb
bbPress Voting < 2.1.11.1 - Admin+ Stored XSS
2023-01-27 00:00:00
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
0.001 Low
EPSS
Percentile
21.2%
Related for CVE-2023-24403