Lucene search
PatchstackCVELIST:CVE-2022-29416HistoryFeb 06, 2023 - 12:31 p.m.
CVE-2022-29416 WordPress Afterpay Gateway for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)
2023-02-0612:31:14
CWE-79
Patchstack
www.cve.org
2
wordpress
afterpay
woocommerce
cve-2022-29416
cross site scripting
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS
0.001
Percentile
32.1%
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability inΒ Afterpay Gateway for WooCommerce <= 3.5.0 versions.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "afterpay-gateway-for-woocommerce",
"product": "Afterpay Gateway for WooCommerce",
"vendor": "Afterpay",
"versions": [
{
"changes": [
{
"at": "3.5.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.5.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Afterpay Gateway for WooCommerce < 3.5.1 - Reflected Cross-Site Scripting
2022-12-01 00:00:00
Afterpay Gateway for WooCommerce < 3.5.1 - Reflected Cross-Site Scripting
2022-12-01 00:00:00
cve
cve
CVE-2022-29416
2023-02-06 13:15:09
prion
prion
Cross site scripting
2023-02-06 13:15:00
nvd
nvd
CVE-2022-29416
2023-02-06 13:15:09
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS
0.001
Percentile
32.1%
Related for CVELIST:CVE-2022-29416