Lucene search
PatchstackCVELIST:CVE-2022-29420HistoryApr 28, 2022 - 12:00 a.m.
CVE-2022-29420 WordPress Countdown & Clock plugin <= 2.3.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
2022-04-2800:00:00
CWE-79
Patchstack
www.cve.org
1
wordpress
countdown & clock plugin
xss
vulnerability
stored xss
web page generation
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
22.9%
Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Adam Skaat Countdown & Clock (WordPress plugin) countdown-builder allows Stored XSS.This issue affects Countdown & Clock (WordPress plugin): from n/a through 2.3.2.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "countdown-builder",
"product": "Countdown & Clock (WordPress plugin)",
"vendor": "Adam Skaat",
"versions": [
{
"lessThanOrEqual": "2.3.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-29420
2022-05-06 17:15:09
cnvd
cnvd
WordPress plugin Countdown
2022-05-09 00:00:00
patchstack
patchstack
prion
prion
Cross site scripting
2022-05-06 17:15:00
vulnrichment
vulnrichment
cve
cve
CVE-2022-29420
2022-05-06 17:15:09
wpvulndb
wpvulndb
Countdown & Clock <= 2.3.2 - Admin+ Stored Cross-Site Scripting
2022-04-28 00:00:00
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
22.9%
Related for CVELIST:CVE-2022-29420