Lucene search
HistoryMay 04, 2023 - 8:15 p.m.
CVE-2023-25458
cve-2023-25458
authorization
stored xss
gmo internet group
inc.
typesquare webfonts
conoha plugin
nvd
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.5%
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GMO Internet Group, Inc. TypeSquare Webfonts for ConoHa plugin <=Β 2.0.3 versions.
Affected configurations
Node
gmo_internet_group\,_inc.typesquare_webfonts_for_conohaRangeβ€2.0.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| gmo:typesquare_webfonts_for_conoha | gmo typesquare webfonts for conoha | lt | 2.0.4 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ts-webfonts-for-conoha",
"product": "TypeSquare Webfonts for ConoHa",
"vendor": "GMO Internet Group, Inc.",
"versions": [
{
"changes": [
{
"at": "2.0.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.0.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
TypeSquare Webfonts for ConoHa < 2.0.4 - Admin+ Stored XSS
2023-02-23 00:00:00
prion
prion
Cross site scripting
2023-05-04 20:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-25458
2023-05-04 20:15:09
wordfence
wordfence
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.5%
Related for CVE-2023-25458