Lucene search
HistoryAug 30, 2023 - 1:15 p.m.
CVE-2023-33208
cve-2023-33208
cross-site scripting
stored
gsmith cookie monster
admin
security vulnerability
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
18.3%
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gsmith Cookie Monster plugin <= 1.51 versions.
Affected configurations
Node
cookie_monster_projectcookie_monsterRange≤1.51wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cookie_monster_project | cookie_monster | * | cpe:2.3:a:cookie_monster_project:cookie_monster:*:*:*:*:*:wordpress:*:* |
Related
prion
prion
Cross site scripting
2023-08-30 13:15:00
vulnrichment
vulnrichment
cve
cve
CVE-2023-33208
2023-08-30 13:15:11
wpvulndb
wpvulndb
Cookie Monster <= 1.51 - Admin+ Stored XSS
2023-09-18 00:00:00
cvelist
cvelist
wordfence
wordfence
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
18.3%
Related for NVD:CVE-2023-33208