Lucene search
PatchstackCVE-2024-37552HistoryJul 21, 2024 - 7:15 a.m.
CVE-2024-37552
2024-07-2107:15:04
CWE-79
Patchstack
web.nvd.nist.gov
21
cve-2024-37552
web page generation
xss
cross-site scripting
inisev social media
stored xss
vulnerability
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
14.7%
Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Inisev Social Media & Share Icons allows Stored XSS.This issue affects Social Media & Share Icons: from n/a through 2.9.1.
Affected configurations
Node
inisevsocial_media_share_buttons_\&_social_sharing_iconsRange<2.9.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| inisev | social_media_share_buttons_\&_social_sharing_icons | * | cpe:2.3:a:inisev:social_media_share_buttons_\&_social_sharing_icons:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ultimate-social-media-icons",
"product": "Social Media & Share Icons",
"vendor": "Inisev",
"versions": [
{
"changes": [
{
"at": "2.9.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.9.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-37552
2024-07-21 07:15:04
cvelist
cvelist
vulnrichment
vulnrichment
wordfence
wordfence
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
14.7%
Related for CVE-2024-37552