Lucene search

K
cvelistVulDBCVELIST:CVE-2015-10098
HistoryApr 08, 2023 - 9:00 a.m.

CVE-2015-10098 Broken Link Checker Plugin ui_get_action_links cross site scripting

2023-04-0809:00:06
CWE-79
VulDB
www.cve.org
4
wordpress
cross site scripting
remote attack
upgrade
patch
vdb-225152

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

3.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

44.2%

A vulnerability was found in Broken Link Checker Plugin up to 1.10.5 on WordPress. It has been rated as problematic. Affected by this issue is the function print_module_list/show_warnings_section_notice/status_text/ui_get_action_links. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.10.6 is able to address this issue. The name of the patch is f30638869e281461b87548e40b517738b4350e47. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225152.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Broken Link Checker Plugin",
    "versions": [
      {
        "version": "1.10.0",
        "status": "affected"
      },
      {
        "version": "1.10.1",
        "status": "affected"
      },
      {
        "version": "1.10.2",
        "status": "affected"
      },
      {
        "version": "1.10.3",
        "status": "affected"
      },
      {
        "version": "1.10.4",
        "status": "affected"
      },
      {
        "version": "1.10.5",
        "status": "affected"
      }
    ]
  }
]

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

3.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

44.2%

Related for CVELIST:CVE-2015-10098