Lucene search

K
nvd[email protected]NVD:CVE-2022-43500
HistoryDec 05, 2022 - 4:15 a.m.

CVE-2022-43500

2022-12-0504:15:10
CWE-79
web.nvd.nist.gov

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.002 Low

EPSS

Percentile

55.0%

Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7.

Affected configurations

NVD
Node
wordpresswordpressRange<3.7.40
OR
wordpresswordpressRange3.83.8.40
OR
wordpresswordpressRange3.93.9.39
OR
wordpresswordpressRange4.04.0.37
OR
wordpresswordpressRange4.14.1.37
OR
wordpresswordpressRange4.24.2.34
OR
wordpresswordpressRange4.34.3.30
OR
wordpresswordpressRange4.44.4.29
OR
wordpresswordpressRange4.54.5.28
OR
wordpresswordpressRange4.64.6.25
OR
wordpresswordpressRange4.74.7.25
OR
wordpresswordpressRange4.84.8.21
OR
wordpresswordpressRange4.94.9.22
OR
wordpresswordpressRange5.05.0.18
OR
wordpresswordpressRange5.15.1.15
OR
wordpresswordpressRange5.25.2.17
OR
wordpresswordpressRange5.35.3.14
OR
wordpresswordpressRange5.45.4.12
OR
wordpresswordpressRange5.55.5.11
OR
wordpresswordpressRange5.65.6.10
OR
wordpresswordpressRange5.75.7.8
OR
wordpresswordpressRange5.85.8.6
OR
wordpresswordpressRange5.95.9.5
OR
wordpresswordpressRange6.06.0.3

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.002 Low

EPSS

Percentile

55.0%