Lucene search
WordfenceCVELIST:CVE-2021-39311HistoryDec 14, 2021 - 3:50 p.m.
CVE-2021-39311 link-list-manager <= 1.0 Reflected Cross-Site Scripting
2021-12-1415:50:13
CWE-79
Wordfence
www.cve.org
2
link-list-manager
wordpress plugin
xss
vulnerability
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
30.0%
The link-list-manager WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the category parameter found in the ~/llm.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.
CNA Affected
[
{
"product": "link-list-manager",
"vendor": "link-list-manager",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2021-39311
2021-12-14 16:15:08
cve
cve
CVE-2021-39311
2021-12-14 16:15:08
cnvd
cnvd
WordPress link-list-manager plugin cross-site scripting vulnerability
2021-12-19 00:00:00
wpvulndb
wpvulndb
Link List Manager <= 1.0 - Reflected Cross-Site Scripting
2021-12-14 00:00:00
patchstack
patchstack
prion
prion
Cross site scripting
2021-12-14 16:15:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
30.0%
Related for CVELIST:CVE-2021-39311