Lucene search

K
patchstackBob MatyasPATCHSTACK:00657DA159F87BA90BDF7F794CCE9F18
HistoryJul 12, 2024 - 12:00 a.m.

WordPress Swift Framework Page Builder Plugin < 2024.04.30 is vulnerable to Cross Site Scripting (XSS)

2024-07-1200:00:00
Bob Matyas
patchstack.com
wordpress
swift framework
page builder
cross site scripting
vulnerability
xss
cve-2024-2696
low severity
patch.

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

AI Score

5.8

Confidence

High

Software

Swift Framework Page Builder

Type

Plugin

Vulnerable versions

< 2024.04.30

Fixed in

2024.04.30

OWASP Top 10

A7: Cross-Site Scripting (XSS)

Classification

Cross Site Scripting (XSS)

CVE

CVE-2024-2696

Patch priority

Low

CVSS severity

Low (5.9)

Developer

Claim ownership

PSID

777ce10c6c55

Credits

Bob Matyas

Required privilege

Administrator

Published

12 July, 2024

Vulnerability details

Remove and replace plugin Expand full details Have additional information or questions about this entry? Let us know.

Solution

This security issue has a low severity impact and is unlikely to be exploited.

Affected configurations

Vulners
Node
-swift_framework_page_builderRange<2024.04.30
VendorProductVersionCPE
-swift_framework_page_builder*cpe:2.3:a:-:swift_framework_page_builder:*:*:*:*:*:*:*:*

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

AI Score

5.8

Confidence

High

Related for PATCHSTACK:00657DA159F87BA90BDF7F794CCE9F18