Lucene search
HistoryJul 17, 2023 - 2:15 p.m.
CVE-2023-3186
cve-2023
popup
supsystic
wordpress
plugin
vulnerability
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.4%
The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties into Object.prototype.
Affected configurations
Node
supsysticpopupRange<1.10.19
CNA Affected
[
{
"vendor": "Unknown",
"product": "Popup by Supsystic",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "1.10.19"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
cvelist
cvelist
CVE-2023-3186 Supsystic Popup < 1.10.19 - Prototype Pollution
2023-07-17 13:29:50
prion
prion
Buffer overflow
2023-07-17 14:15:00
nvd
nvd
CVE-2023-3186
2023-07-17 14:15:10
wpexploit
wpexploit
Supsystic Popup < 1.10.19 - Prototype Pollution
2023-06-23 00:00:00
wpvulndb
wpvulndb
Supsystic Popup < 1.10.19 - Prototype Pollution
2023-06-23 00:00:00
wordfence
wordfence
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.4%
Related for CVE-2023-3186