Lucene search

K
patchstackIohexPATCHSTACK:3D5CE502A808DE3FC5AEE9CF6FCEF750
HistoryAug 09, 2021 - 12:00 a.m.

WordPress 4k Icons for Visual Composer plugin <= 1.0 - Reflected Cross-Site Scripting (XSS) vulnerability

2021-08-0900:00:00
iohex
patchstack.com
4

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex in WordPress 4k Icons for Visual Composer plugin (versions <= 1.0).

Solution

           This plugin has been closed and is no longer available for download.
CPENameOperatorVersion
4k icons for visual composerle1.0

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Related for PATCHSTACK:3D5CE502A808DE3FC5AEE9CF6FCEF750