Lucene search

K
cvePatchstackCVE-2024-32573
HistoryApr 18, 2024 - 10:15 a.m.

CVE-2024-32573

2024-04-1810:15:12
CWE-79
Patchstack
web.nvd.nist.gov
36
cve-2024-32573
improper neutralization
web page generation
cross-site scripting
wp lab
wp-lister lite ebay
stored xss
nvd

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

AI Score

6.6

Confidence

High

EPSS

0

Percentile

9.0%

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in WP Lab WP-Lister Lite for eBay allows Stored XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.5.11.

Affected configurations

Vulners
Node
wp_labwp-lister_lite_for_ebayRange3.5.11wordpress
VendorProductVersionCPE
wp_labwp-lister_lite_for_ebay*cpe:2.3:a:wp_lab:wp-lister_lite_for_ebay:*:*:*:*:*:wordpress:*:*

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-lister-for-ebay",
    "product": "WP-Lister Lite for eBay",
    "vendor": "WP Lab",
    "versions": [
      {
        "changes": [
          {
            "at": "3.6.0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "3.5.11",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

AI Score

6.6

Confidence

High

EPSS

0

Percentile

9.0%