Lucene search

K
cvelistPatchstackCVELIST:CVE-2024-22159
HistoryJan 31, 2024 - 6:12 p.m.

CVE-2024-22159 WordPress WOLF Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)

2024-01-3118:12:04
CWE-79
Patchstack
www.cve.org
cve-2024-22159
wordpress
wolf plugin
cross site scripting
xss
reflected xss
security vulnerability

7.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

0.0005 Low

EPSS

Percentile

17.1%

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "bulk-editor",
    "product": "WOLF – WordPress Posts Bulk Editor and Manager Professional",
    "vendor": "realmag777",
    "versions": [
      {
        "changes": [
          {
            "at": "1.0.8.1",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "1.0.8",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

7.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

0.0005 Low

EPSS

Percentile

17.1%

Related for CVELIST:CVE-2024-22159