Lucene search
PatchstackCVE-2022-40209HistoryDec 06, 2022 - 3:15 p.m.
CVE-2022-40209
2022-12-0615:15:15
CWE-79
Patchstack
web.nvd.nist.gov
39
cve-2022-40209
unauthenticated
reflected xss
xylus themes
wp smart import
wordpress
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
31.5%
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability inΒ Xylus Themes WP Smart Import plugin <=Β 1.0.2 on WordPress.
Affected configurations
Node
xylusthemeswp_smart_importRangeβ€1.0.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| xylusthemes | wp_smart_import | * | cpe:2.3:a:xylusthemes:wp_smart_import:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "WP Smart Import",
"vendor": "Xylus Themes",
"versions": [
{
"changes": [
{
"at": "1.0.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
wpvulndb
wpvulndb
WP Smart Import < 1.0.3 - Reflected Cross-Ste Scripting
2022-12-06 00:00:00
nvd
nvd
CVE-2022-40209
2022-12-06 15:15:15
prion
prion
Cross site scripting
2022-12-06 15:15:00
openvas
openvas
WordPress WP Smart Import Plugin < 1.0.3 XSS Vulnerability
2023-09-21 00:00:00
patchstack
patchstack
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
31.5%
Related for CVE-2022-40209