Lucene search
PatchstackCVE-2022-36417HistorySep 23, 2022 - 4:15 p.m.
CVE-2022-36417
2022-09-2316:15:11
CWE-352
CWE-79
Patchstack
web.nvd.nist.gov
31
4
cve
2022
36417
stored xss
csrf
3d tag cloud
wordpress
nvd
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
20.8%
Multiple Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in 3D Tag Cloud plugin <= 3.8 at WordPress.
Affected configurations
Node
3d_tag_cloud_project3d_tag_cloudRange≤3.8wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| 3d_tag_cloud_project | 3d_tag_cloud | * | cpe:2.3:a:3d_tag_cloud_project:3d_tag_cloud:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"product": "3D Tag Cloud (WordPress plugin)",
"vendor": "Vinoj Cardoza",
"versions": [
{
"lessThanOrEqual": "3.8",
"status": "affected",
"version": "<= 3.8",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2022-36417
2022-09-23 16:15:11
wpvulndb
wpvulndb
3D Tag Cloud <= 3.8 - Stored XSS via CSRF
2022-09-22 00:00:00
prion
prion
Cross site scripting
2022-09-23 16:15:00
patchstack
patchstack
cvelist
cvelist
cnvd
cnvd
WordPress 3D Tag Cloud Cross-Site Request Forgery Vulnerability
2022-09-28 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
20.8%
Related for CVE-2022-36417