Lucene search

K
nvd[email protected]NVD:CVE-2023-47549
HistoryNov 14, 2023 - 9:15 p.m.

CVE-2023-47549

2023-11-1421:15:12
CWE-79
web.nvd.nist.gov
5
cve-2023-47549
unauthenticated
cross-site scripting
eazydocs
plugin
vulnerability

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

28.7%

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability onΒ 302 response page in spider-themes EazyDocsΒ plugin <=Β 2.3.3 versions.

Affected configurations

Nvd
Node
spider-themeseazydocsRange≀2.3.3wordpress
VendorProductVersionCPE
spider-themeseazydocs*cpe:2.3:a:spider-themes:eazydocs:*:*:*:*:*:wordpress:*:*

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

28.7%