Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2017-2285
HistoryAug 02, 2017 - 4:29 p.m.

CVE-2017-2285

2017-08-0216:29:00
CWE-79
[email protected]
web.nvd.nist.gov
4

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.002

Percentile

51.3%

JSON

Cross-site scripting vulnerability in Simple Custom CSS and JS prior to version 3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd
Node
silkypresssimple_custom_css_and_jsMatch1.0wordpress
OR
silkypresssimple_custom_css_and_jsMatch1.1wordpress
OR
silkypresssimple_custom_css_and_jsMatch1.2wordpress
OR
silkypresssimple_custom_css_and_jsMatch1.3wordpress
OR
silkypresssimple_custom_css_and_jsMatch1.4wordpress
OR
silkypresssimple_custom_css_and_jsMatch1.5wordpress
OR
silkypresssimple_custom_css_and_jsMatch1.6wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.0wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.1wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.2wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.3wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.4wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.5wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.6wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.7wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.8wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.9wordpress
OR
silkypresssimple_custom_css_and_jsMatch2.10wordpress
OR
silkypresssimple_custom_css_and_jsMatch3.0wordpress
OR
silkypresssimple_custom_css_and_jsMatch3.1wordpress
OR
silkypresssimple_custom_css_and_jsMatch3.2wordpress
OR
silkypresssimple_custom_css_and_jsMatch3.3wordpress
VendorProductVersionCPE
silkypresssimple_custom_css_and_js1.0cpe:2.3:a:silkypress:simple_custom_css_and_js:1.0:*:*:*:*:wordpress:*:*
silkypresssimple_custom_css_and_js1.1cpe:2.3:a:silkypress:simple_custom_css_and_js:1.1:*:*:*:*:wordpress:*:*
silkypresssimple_custom_css_and_js1.2cpe:2.3:a:silkypress:simple_custom_css_and_js:1.2:*:*:*:*:wordpress:*:*
silkypresssimple_custom_css_and_js1.3cpe:2.3:a:silkypress:simple_custom_css_and_js:1.3:*:*:*:*:wordpress:*:*
silkypresssimple_custom_css_and_js1.4cpe:2.3:a:silkypress:simple_custom_css_and_js:1.4:*:*:*:*:wordpress:*:*
silkypresssimple_custom_css_and_js1.5cpe:2.3:a:silkypress:simple_custom_css_and_js:1.5:*:*:*:*:wordpress:*:*
silkypresssimple_custom_css_and_js1.6cpe:2.3:a:silkypress:simple_custom_css_and_js:1.6:*:*:*:*:wordpress:*:*
silkypresssimple_custom_css_and_js2.0cpe:2.3:a:silkypress:simple_custom_css_and_js:2.0:*:*:*:*:wordpress:*:*
silkypresssimple_custom_css_and_js2.1cpe:2.3:a:silkypress:simple_custom_css_and_js:2.1:*:*:*:*:wordpress:*:*
silkypresssimple_custom_css_and_js2.2cpe:2.3:a:silkypress:simple_custom_css_and_js:2.2:*:*:*:*:wordpress:*:*
Rows per page:
1-10 of 221

Related

cve 1
cvelist 1
prion 1
patchstack 1
wpvulndb 1
jvn 1
cve
cve
CVE-2017-2285
2017-08-02 16:29:00
cvelist
cvelist
CVE-2017-2285
2017-08-02 16:00:00
prion
prion
Cross site scripting
2017-08-02 16:29:00
patchstack
patchstack
WordPress Simple Custom CSS and JS plugin <=3.3 - Authenticated Cross-Site Scripting (XSS) vulnerability
2017-07-25 00:00:00
wpvulndb
wpvulndb
Simple Custom CSS and JS <= 3.3 - Authenticated Cross-Site Scripting (XSS)
2017-07-24 00:00:00
jvn
jvn
JVN#31459091: WordPress plugin "Simple Custom CSS and JS" vulnerable to cross-site scripting
2017-07-24 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.002

Percentile

51.3%

JSON
Related for NVD:CVE-2017-2285
cve1cvelist1prion1patchstack1wpvulndb1jvn1