Lucene search

[email protected]NVD:CVE-2023-31071

HistoryAug 17, 2023 - 9:15 a.m.

CVE-2023-31071

2023-08-1709:15:12

CWE-79

[email protected]

web.nvd.nist.gov

vulnerability

yannick lefebvre

modal dialog

plugin

versions

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

27.9%

JSON

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.14 versions.

Affected configurations

Nvd

Node

ylefebvremodal_dialogRange≤3.5.14wordpress

VendorProductVersionCPE
ylefebvremodal_dialog*cpe:2.3:a:ylefebvre:modal_dialog:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
ylefebvre	modal_dialog	*	cpe:2.3:a:ylefebvre:modal_dialog::::::wordpress::*

References

patchstack.com/database/vulnerability/modal-dialog/wordpress-modal-dialog-plugin-3-5-14-cross-site-scripting-xss-vulnerability?_s_id=cve

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

27.9%

JSON

Related for NVD:CVE-2023-31071

vulnrichment1 prion1 cvelist1 cve1 wpvulndb1 wordfence1