Lucene search
PatchstackCVE-2023-28166HistoryJun 22, 2023 - 9:15 a.m.
CVE-2023-28166
2023-06-2209:15:10
CWE-79
Patchstack
web.nvd.nist.gov
25
cve-2023-28166
unauthenticated
reflected
cross-site scripting
xss
aakif kadiwala
tags cloud manager
plugin
security vulnerability
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
18.8%
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aakif Kadiwala Tags Cloud Manager plugin <= 1.0.0 versions.
Affected configurations
Node
tags_cloud_manager_projecttags_cloud_managerRange≤1.0.0wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tags_cloud_manager_project | tags_cloud_manager | * | cpe:2.3:a:tags_cloud_manager_project:tags_cloud_manager:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "tags-cloud-manager",
"product": "Tags Cloud Manager",
"vendor": "Aakif Kadiwala",
"versions": [
{
"lessThanOrEqual": "1.0.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Tags Cloud Manager <= 1.0.0 - Reflected XSS
2023-03-14 00:00:00
prion
prion
Cross site scripting
2023-06-22 09:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-28166
2023-06-22 09:15:10
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
18.8%
Related for CVE-2023-28166