Lucene search

K
patchstackLana CodesPATCHSTACK:5B8BF03E0E4184A6D2C30F6F88AE4040
HistoryJan 10, 2023 - 12:00 a.m.

WordPress Page View Count Plugin < 2.6.1 is vulnerable to Cross Site Scripting (XSS)

2023-01-1000:00:00
Lana Codes
patchstack.com
1
wordpress page view count
plugin
cross site scripting
owasp
cve
patch priority
cvss severity
developer
privilege
published
mitigate

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5.9

Confidence

High

Software

Page View Count

Type

Plugin

Vulnerable versions

< 2.6.1

Fixed in

2.6.1

OWASP Top 10

A7: Cross-Site Scripting (XSS)

Classification

Cross Site Scripting (XSS)

CVE

CVE-2023-0095

Patch priority

Medium

CVSS severity

Medium (6.3)

Developer

Claim ownership

PSID

545a0fccfa3b

Credits

Lana Codes

Required privilege

Contributor

Published

10 January, 2023

Vulnerability details

Remove and replace plugin Expand full details Have additional information or questions about this entry? Let us know.

Solution

We advise to mitigate or resolve the vulnerability immediately.

Affected configurations

Vulners
Node
a3rev_softwarepage_view_countRange<2.6.1
VendorProductVersionCPE
a3rev_softwarepage_view_count*cpe:2.3:a:a3rev_software:page_view_count:*:*:*:*:*:*:*:*

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5.9

Confidence

High

Related for PATCHSTACK:5B8BF03E0E4184A6D2C30F6F88AE4040