Lucene search

PatchstackCVELIST:CVE-2022-27861

HistoryAug 10, 2023 - 9:19 a.m.

CVE-2022-27861 WordPress Ninja Popups Plugin <= 4.7.5 is vulnerable to Open Redirection

2023-08-1009:19:45

CWE-601

Patchstack

www.cve.org

cve-2022-27861

wordpress

ninja popups

plugin

open redirection

vulnerability

4.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

Unauth. Open Redirect vulnerability in Arscode Ninja Popups plugin <= 4.7.5 versions.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Ninja Popups",
    "vendor": "Arscode",
    "versions": [
      {
        "lessThanOrEqual": "4.7.5",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/arscode-ninja-popups/wordpress-ninja-popups-plugin-4-7-5-unauth-open-redirect-vulnerability?_s_id=cve

4.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVELIST:CVE-2022-27861