Lucene search

K
nvd[email protected]NVD:CVE-2023-28933
HistoryJun 12, 2023 - 4:15 p.m.

CVE-2023-28933

2023-06-1216:15:09
CWE-79
web.nvd.nist.gov
cve-2023-28933
authorization
cross-site scripting
stpetedesign
plugin vulnerability

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

16.0%

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in StPeteDesign Call Now Accessibility Button plugin <= 1.1 versions.

Affected configurations

NVD
Node
stpetedesigncall_now_accessibility_buttonRange1.1wordpress

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

16.0%

Related for NVD:CVE-2023-28933