Lucene search
HistoryOct 18, 2023 - 9:15 a.m.
CVE-2023-45056
cve-2023-45056
nvd
security
vulnerability
cross-site scripting
xss
open user map plugin
admin+ authentication
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
AI Score
4.9
Confidence
High
EPSS
0
Percentile
14.0%
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in 100plugins Open User Map plugin <=Β 1.3.26 versions.
Affected configurations
Node
100pluginsopen_user_mapRangeβ€1.3.26
| Vendor | Product | Version | CPE |
|---|---|---|---|
| 100plugins | open_user_map | * | cpe:2.3:a:100plugins:open_user_map:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "open-user-map",
"product": "Open User Map",
"vendor": "100plugins",
"versions": [
{
"changes": [
{
"at": "1.3.27",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.26",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2023-10-18 09:15:00
nvd
nvd
CVE-2023-45056
2023-10-18 09:15:09
wpvulndb
wpvulndb
Open User Map | Everybody can add locations < 1.3.27 - Admin+ Stored XSS
2023-10-20 00:00:00
cvelist
cvelist
wordfence
wordfence
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
AI Score
4.9
Confidence
High
EPSS
0
Percentile
14.0%
Related for CVE-2023-45056