CVSSv3 05/30/2022

CVSSv3 Base

≤10
≤20
≤314
≤46
≤55
≤60
≤73
≤80
≤90
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤315
≤45
≤55
≤63
≤70
≤80
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤314
≤46
≤55
≤60
≤73
≤80
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
2009064.34.3
 
 
 
 
JivoChat Live Chat Plugin cross-site request forgery0.06CVE-2022-0642
2009052.42.4
 
 
 
 
Simple Real Estate Pack Plugin Setting cross site scripting0.12CVE-2022-1646
2009042.42.4
 
 
 
 
Amazon Link Plugin Setting cross site scripting0.12CVE-2022-1645
2009032.42.4
 
 
 
 
Call&Book Mobile Bar Plugin cross site scripting0.12CVE-2022-1644
2009022.42.4
 
 
 
 
Birthdays Widget Plugin cross site scripting0.24CVE-2022-1643
2009014.34.3
 
 
 
 
Bulk Page Creator Plugin cross-site request forgery0.06CVE-2022-1611
2009004.34.3
 
 
 
 
Change wp-admin Login Plugin authorization0.06CVE-2022-1589
2008993.53.5
 
 
 
 
External Links in New Window Plugin URL cross site scripting0.06CVE-2022-1582
2008982.42.4
 
 
 
 
Team Members Plugin Setting cross site scripting0.00CVE-2022-1568
2008973.13.1
 
 
 
 
Quotes llama Plugin CSV File cross site scripting0.00CVE-2022-1566
2008962.42.4
 
 
 
 
10Web Form Maker Plugin Custom Text Setting cross site scripting0.00CVE-2022-1564
2008953.53.5
 
 
 
 
Enable SVG Plugin SVG File cross site scripting0.00CVE-2022-1562
2008943.53.5
 
 
 
 
VikBooking Hotel Booking Engine & PMS Plugin URL cross site scripting0.00CVE-2022-1528
2008933.53.5
 
 
 
 
WP 2FA Plugin Admin Page cross site scripting0.00CVE-2022-1527
2008922.42.4
 
 
 
 
Poll Maker Plugin Setting cross site scripting0.05CVE-2022-1456
2008912.42.4
 
 
 
 
Easy FAQ with Expanding Text Plugin cross site scripting0.00CVE-2022-1395
2008902.42.4
 
 
 
 
No Future Posts Plugin cross site scripting0.00CVE-2022-1387
2008892.42.4
 
 
 
 
Slideshow Plugin Setting cross site scripting0.05CVE-2022-1299
2008882.42.4
 
 
 
 
IMDB Info Box Plugin Setting cross site scripting0.00CVE-2022-1294
2008873.53.5
 
 
 
 
BannerMan Plugin Setting cross site scripting0.06CVE-2022-1275
2008864.34.3
 
 
 
 
Content Mask Plugin cross-site request forgery0.00CVE-2022-1203
2008852.42.4
 
 
 
 
Smush Plugin Admin Page cross site scripting0.12CVE-2022-1009
2008842.42.4
 
 
 
 
User Meta Plugin Shared Field Label cross site scripting0.49CVE-2022-0376
2008836.36.3
 
 
 
 
External Links in New Window Plugin Remote Code Execution0.88CVE-2022-1583
2008824.74.7
 
 
 
 
StaffList Plugin Admin Dashboard sql injection0.00CVE-2022-1556
2008812.42.4
 
 
 
 
HPB Dashboard Plugin cross site scripting0.16CVE-2022-1542
2008806.36.3
 
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird Javascript Object code injection0.06CVE-2022-1529
2008796.36.3
 
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird Top-Level Await code injection0.24CVE-2022-1802

Might our Artificial Intelligence support you?

Check our Alexa App!