Lucene search
PatchstackCVELIST:CVE-2022-41136HistoryOct 12, 2022 - 12:00 a.m.
CVE-2022-41136 WordPress Shortcodes Ultimate plugin <= 5.12.0 - CSRF vulnerability leading to Stored XSS
2022-10-1200:00:00
CWE-352
CWE-79
Patchstack
www.cve.org
cve-2022-41136 wordpress cross-site request forgery stored cross-site scripting vladimir anokhin's
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.9%
Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Vladimir Anokhin’s Shortcodes Ultimate plugin <= 5.12.0 on WordPress.
CNA Affected
[
{
"vendor": "Vladimir Anokhin",
"product": "Shortcodes Ultimate (WordPress plugin)",
"versions": [
{
"version": "<= 5.12.0",
"status": "affected",
"lessThanOrEqual": "5.12.0",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-41136
2022-11-08 19:15:15
patchstack
patchstack
nvd
nvd
CVE-2022-41136
2022-11-08 19:15:15
prion
prion
Cross site request forgery (csrf)
2022-11-08 19:15:00
wpvulndb
wpvulndb
Shortcodes Ultimate < 5.12.1 - Stored XSS via CSRF
2022-10-12 00:00:00
openvas
openvas
WordPress Shortcodes Ultimate Plugin < 5.12.1 Multiple CSRF Vulnerabilities
2022-11-10 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.9%
Related for CVELIST:CVE-2022-41136