Lucene search
HistoryDec 04, 2022 - 11:15 p.m.
CVE-2022-40968
cve-2022-40968
reflected cross-site scripting
xss
2kb amazon affiliates store plugin
wordpress
nvd
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
31.5%
Reflected Cross-Site Scripting (XSS) vulnerability in 2kb Amazon Affiliates Store plugin <=2.1.5 on WordPress.
Affected configurations
Node
2kblater2kb_amazon_affiliates_storeRange≤2.1.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| 2kblater | 2kb_amazon_affiliates_store | * | cpe:2.3:a:2kblater:2kb_amazon_affiliates_store:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "2kb Amazon Affiliates Store",
"vendor": "2kblater",
"versions": [
{
"lessThanOrEqual": "2.1.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-40968
2022-12-04 23:15:09
patchstack
patchstack
wpvulndb
wpvulndb
2kb Amazon Affiliates Store <= 2.1.5 - Reflected XSS
2022-10-24 00:00:00
cvelist
cvelist
prion
prion
Cross site scripting
2022-12-04 23:15:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
31.5%
Related for CVE-2022-40968