Lucene search
HistoryAug 29, 2024 - 6:15 p.m.
CVE-2024-43963
cve
input neutralization
waspthemes
yellowpencil
xss
web page generation
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.7%
Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WaspThemes YellowPencil Visual CSS Style Editor allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through 7.6.1.
Affected configurations
Node
waspthemesyellowpencilRange<7.6.4wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| waspthemes | yellowpencil | * | cpe:2.3:a:waspthemes:yellowpencil:*:*:*:*:*:wordpress:*:* |
Related
cvelist
cvelist
cve
cve
CVE-2024-43963
2024-08-29 18:15:13
vulnrichment
vulnrichment
wordfence
wordfence
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.7%
Related for NVD:CVE-2024-43963