Lucene search
PatchstackCVELIST:CVE-2023-38474HistoryNov 30, 2023 - 12:26 p.m.
CVE-2023-38474 WordPress Campaign Monitor for WordPress Plugin <= 2.8.12 is vulnerable to Cross Site Scripting (XSS)
2023-11-3012:26:53
CWE-79
Patchstack
www.cve.org
cve-2023-38474
cross site scripting
web page generation
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.0%
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Reflected XSS.This issue affects Campaign Monitor for WordPress: from n/a through 2.8.12.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "forms-for-campaign-monitor",
"product": "Campaign Monitor for WordPress",
"vendor": "Campaign Monitor",
"versions": [
{
"lessThanOrEqual": "2.8.12",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2023-11-30 13:15:00
wpvulndb
wpvulndb
Campaign Monitor for WordPress < 2.8.14 - Reflected Cross-Site Scripting
2023-12-02 00:00:00
cve
cve
CVE-2023-38474
2023-11-30 13:15:07
nvd
nvd
CVE-2023-38474
2023-11-30 13:15:07
wordfence
wordfence
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.0%
Related for CVELIST:CVE-2023-38474