Lucene search

K
cve[email protected]CVE-2023-24413
HistoryAug 08, 2023 - 12:15 p.m.

CVE-2023-24413

2023-08-0812:15:10
CWE-79
web.nvd.nist.gov
54
cve-2023-24413
unauthenticated
reflected xss
cross-site scripting
i thirteen web solution
wordpress
vertical image slider plugin

7.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

0.0005 Low

EPSS

Percentile

17.0%

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WordPress vertical image slider plugin <=Β 1.2.16 versions.

Affected configurations

Vulners
NVD
Node
i_thirteen_web_solutionwordpress_vertical_image_slider_pluginRange≀1.2.16

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-vertical-image-slider",
    "product": "WordPress vertical image slider plugin",
    "vendor": "I Thirteen Web Solution",
    "versions": [
      {
        "changes": [
          {
            "at": "1.2.17",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "1.2.16",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

7.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

0.0005 Low

EPSS

Percentile

17.0%

Related for CVE-2023-24413