CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
76.2%
Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal permissions, such as a subscriber.
Vendor | Product | Version | CPE |
---|---|---|---|
coolplugins | cool_timeline | * | cpe:2.3:a:coolplugins:cool_timeline:*:*:*:*:*:wordpress:*:* |
coolplugins | cryptocurrency_widgets | * | cpe:2.3:a:coolplugins:cryptocurrency_widgets:*:*:*:*:*:wordpress:*:* |
coolplugins | cryptocurrency_widgets_for_elementor | * | cpe:2.3:a:coolplugins:cryptocurrency_widgets_for_elementor:*:*:*:*:*:wordpress:*:* |
coolplugins | event_single_page_builder_for_the_event_calendar | * | cpe:2.3:a:coolplugins:event_single_page_builder_for_the_event_calendar:*:*:*:*:*:wordpress:*:* |
coolplugins | events-notification-bar-addon | * | cpe:2.3:a:coolplugins:events-notification-bar-addon:*:*:*:*:*:wordpress:*:* |
coolplugins | events_search_for_the_events_calendar | * | cpe:2.3:a:coolplugins:events_search_for_the_events_calendar:*:*:*:*:*:wordpress:*:* |
coolplugins | events_shortcodes_for_the_events_calendar | * | cpe:2.3:a:coolplugins:events_shortcodes_for_the_events_calendar:*:*:*:*:*:wordpress:*:* |
coolplugins | events_widgets_for_elementor_and_the_events_calendar | * | cpe:2.3:a:coolplugins:events_widgets_for_elementor_and_the_events_calendar:*:*:*:*:*:wordpress:*:* |
coolplugins | the_events_calendar_countdown_addon | * | cpe:2.3:a:coolplugins:the_events_calendar_countdown_addon:*:*:*:*:*:wordpress:*:* |
cryptocurrency_payment_\&_donation_box_plugins | cryptocurrency_payment_\&_donation_box | * | cpe:2.3:a:cryptocurrency_payment_\&_donation_box_plugins:cryptocurrency_payment_\&_donation_box:*:*:*:*:*:wordpress:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
76.2%