Lucene search

[email protected]NVD:CVE-2015-5151

HistoryJun 30, 2015 - 2:59 p.m.

CVE-2015-5151

2015-06-3014:59:08

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

52.0%

JSON

Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter in a revslider_ajax_action action to wp-admin/admin-ajax.php.

Affected configurations

Nvd

Node

themepunchslider_revolutionMatch4.2.2wordpress

VendorProductVersionCPE
themepunchslider_revolution4.2.2cpe:2.3:a:themepunch:slider_revolution:4.2.2:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
themepunch	slider_revolution	4.2.2	cpe:2.3:a:themepunch:slider_revolution:4.2.2:::::wordpress::

References

packetstormsecurity.com/files/132366/WordPress-Revslider-4.2.2-XSS-Information-Disclosure.html

www.securityfocus.com/bid/75303

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

52.0%

JSON

Related for NVD:CVE-2015-5151

prion1 patchstack1 openvas1 cvelist1 cve1