Lucene search
PatchstackCVE-2024-37258HistoryJul 22, 2024 - 9:15 a.m.
CVE-2024-37258
2024-07-2209:15:05
CWE-79
Patchstack
web.nvd.nist.gov
28
cve-2024-37258
social rocket
reflected xss
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
7
Confidence
High
EPSS
0.001
Percentile
17.5%
Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Social Rocket allows Reflected XSS.This issue affects Social Rocket: from n/a through 1.3.3.
Affected configurations
Node
wpsocialrocketsocial_rocketRange<1.3.4wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wpsocialrocket | social_rocket | * | cpe:2.3:a:wpsocialrocket:social_rocket:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "social-rocket",
"product": "Social Rocket",
"vendor": "Social Rocket",
"versions": [
{
"changes": [
{
"at": "1.3.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-37258
2024-07-22 09:15:05
vulnrichment
vulnrichment
cvelist
cvelist
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
7
Confidence
High
EPSS
0.001
Percentile
17.5%
Related for CVE-2024-37258