Lucene search
HistoryJul 25, 2023 - 2:15 p.m.
CVE-2023-36503
cve-2023-36503
auth
contributor
cross-site scripting
xss
max foundry
wordpress
button plugin
maxbuttons plugin
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
5.4 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.1%
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Max Foundry WordPress Button Plugin MaxButtons plugin <=Β 9.5.3 versions.
Affected configurations
Node
max_foundrywordpress_button_plugin_maxbuttonsRangeβ€9.5.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| maxfoundry:maxbuttons | maxfoundry maxbuttons | le | 9.5.3 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "maxbuttons",
"product": "WordPress Button Plugin MaxButtons",
"vendor": "Max Foundry",
"versions": [
{
"changes": [
{
"at": "9.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "9.5.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-36503
2023-07-25 14:15:10
openvas
openvas
WordPress MaxButtons Plugin < 9.6 XSS Vulnerability
2023-07-26 00:00:00
cvelist
cvelist
prion
prion
Cross site scripting
2023-07-25 14:15:00
wordfence
wordfence
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
5.4 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.1%
Related for CVE-2023-36503