Lucene search
PatchstackCVE-2023-25466HistoryAug 30, 2023 - 4:15 p.m.
CVE-2023-25466
2023-08-3016:15:09
CWE-79
Patchstack
web.nvd.nist.gov
15
cve-2023-25466
unauthenticated
reflected xss
cross-site scripting
mahlamusa who hit the page
hit counter plugin
nvd
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
30.2%
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mahlamusa Who Hit The Page – Hit Counter plugin <= 1.4.14.3 versions.
Affected configurations
Node
mahlamusawho_hit_the_page_-_hit_counterRange≤1.4.14.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mahlamusa | who_hit_the_page_-_hit_counter | * | cpe:2.3:a:mahlamusa:who_hit_the_page_-_hit_counter:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "who-hit-the-page-hit-counter",
"product": "Who Hit The Page – Hit Counter",
"vendor": "Mahlamusa",
"versions": [
{
"lessThanOrEqual": "1.4.14.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-25466
2023-08-30 16:15:09
vulnrichment
vulnrichment
prion
prion
Cross site scripting
2023-08-30 16:15:00
cvelist
cvelist
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
30.2%
Related for CVE-2023-25466