Lucene search
HistoryApr 06, 2023 - 11:15 a.m.
CVE-2023-24411
cross-site scripting
stored
kerry kline bne testimonials
2.0.7
cve-2023-24411
vulnerability
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.2%
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kerry Kline BNE Testimonials plugin <= 2.0.7 versions.
Affected configurations
Node
bnecreativebne_testimonialsRange<2.0.8wordpress
Related
wpvulndb
wpvulndb
BNE Testimonials < 2.0.8 - Contributor+ Stored XSS
2023-01-27 00:00:00
cve
cve
CVE-2023-24411
2023-04-06 11:15:07
cvelist
cvelist
prion
prion
Cross site scripting
2023-04-06 11:15:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.2%
Related for NVD:CVE-2023-24411