Lucene search
PatchstackCVE-2023-27413HistoryJun 22, 2023 - 8:15 a.m.
CVE-2023-27413
2023-06-2208:15:09
CWE-79
Patchstack
web.nvd.nist.gov
9
cve-2023-27413
auth
stored xss
cross-site scripting
xss
shazzad hossain khan
w4 post list plugin
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
17.7%
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Shazzad Hossain Khan W4 Post List plugin <=Β 2.4.4 versions.
Affected configurations
Node
w4_post_list_projectw4_post_listRange<2.4.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| w4_post_list_project | w4_post_list | * | cpe:2.3:a:w4_post_list_project:w4_post_list:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "w4-post-list",
"product": "W4 Post List",
"vendor": "Shazzad Hossain Khan",
"versions": [
{
"changes": [
{
"at": "2.4.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.4.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-27413
2023-06-22 08:15:09
prion
prion
Cross site scripting
2023-06-22 08:15:00
wpvulndb
wpvulndb
W4 Post List < 2.4.5 - Contributor+ Stored XSS
2023-03-08 00:00:00
cvelist
cvelist
wordfence
wordfence
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
17.7%
Related for CVE-2023-27413