Lucene search

[email protected]NVD:CVE-2023-33929

HistoryAug 30, 2023 - 1:15 p.m.

CVE-2023-33929

2023-08-3013:15:12

CWE-79

[email protected]

web.nvd.nist.gov

cve-2023-33929

authenticated

admin

stored

cross-site scripting

xss

joaquín ruiz

easy admin menu plugin

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

21.7%

JSON

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaquín Ruiz Easy Admin Menu plugin <= 1.3 versions.

Affected configurations

Nvd

Node

jokiruizeasy_admin_menuRange≤1.3wordpress

VendorProductVersionCPE
jokiruizeasy_admin_menu*cpe:2.3:a:jokiruiz:easy_admin_menu:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
jokiruiz	easy_admin_menu	*	cpe:2.3:a:jokiruiz:easy_admin_menu::::::wordpress::*

References

patchstack.com/database/vulnerability/easy-admin-menu/wordpress-easy-admin-menu-plugin-1-3-cross-site-scripting-xss?_s_id=cve