Lucene search

[email protected]NVD:CVE-2022-40968

HistoryDec 04, 2022 - 11:15 p.m.

CVE-2022-40968

2022-12-0423:15:09

CWE-79

[email protected]

web.nvd.nist.gov

cross-site scripting

amazon affiliates store

wordpress

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

31.5%

JSON

Reflected Cross-Site Scripting (XSS) vulnerability in 2kb Amazon Affiliates Store plugin <=2.1.5 on WordPress.

Affected configurations

Nvd

Node

2kblater2kb_amazon_affiliates_storeRange≤2.1.5wordpress

VendorProductVersionCPE
2kblater2kb_amazon_affiliates_store*cpe:2.3:a:2kblater:2kb_amazon_affiliates_store:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
2kblater	2kb_amazon_affiliates_store	*	cpe:2.3:a:2kblater:2kb_amazon_affiliates_store::::::wordpress::*

References

patchstack.com/database/vulnerability/2kb-amazon-affiliates-store/wordpress-2kb-amazon-affiliates-store-plugin-2-1-5-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

31.5%

JSON

Related for NVD:CVE-2022-40968

wpvulndb1 patchstack1 cvelist1 prion1 cve1