Lucene search

CVE-2024-31111 WordPress Core < 6.5.5 - Cross Site Scripting (XSS) vulnerability

🗓️ 25 Jun 2024 12:47:54Reported by PatchstackType

WordPress Core XSS vulnerability CVE-2024-3111

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 17
Patchstack	WordPress is vulnerable to Cross Site Scripting (XSS)	25 Jun 202400:00	–	patchstack
Vulnrichment	CVE-2024-31111 WordPress Core < 6.5.5 - Cross Site Scripting (XSS) vulnerability	25 Jun 202412:54	–	vulnrichment
OSV	BIT-WORDPRESS-MULTISITE-2024-31111	27 Jun 202407:42	–	osv
OSV	BIT-WORDPRESS-2024-31111	27 Jun 202407:43	–	osv
OSV	CVE-2024-31111	25 Jun 202413:15	–	osv
OSV	UBUNTU-CVE-2024-31111	25 Jun 202413:15	–	osv
UbuntuCve	CVE-2024-31111	25 Jun 202400:00	–	ubuntucve
NVD	CVE-2024-31111	25 Jun 202413:15	–	nvd
NVD	CVE-2024-6305	25 Jun 202411:15	–	nvd
CVE	CVE-2024-31111	25 Jun 202413:15	–	cve

[
  {
    "defaultStatus": "unaffected",
    "product": "WordPress",
    "vendor": "Automattic",
    "versions": [
      {
        "changes": [
          {
            "at": "6.5.5",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.5.4",
        "status": "affected",
        "version": "6.5",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.4.5",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.4.4",
        "status": "affected",
        "version": "6.4",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.3.5",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.3.4",
        "status": "affected",
        "version": "6.3",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.2.6",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.2.5",
        "status": "affected",
        "version": "6.2",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.1.7",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.1.6",
        "status": "affected",
        "version": "6.1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.0.9",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.0.8",
        "status": "affected",
        "version": "6.0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.9.10",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.9.9",
        "status": "affected",
        "version": "5.9",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-5-5-cross-site-scripting-xss-via-template-part-vulnerability
wordpress	www.wordpress.org/news/2024/06/wordpress-6-5-5/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Jun 2024 12:54Current

CVSS36.5

EPSS0.00343

CWE-79