2kb Amazon Affiliates Store Plugin up to 2.1.0 on WordPress wp-admin/admin.php page/kbAction cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in 2kb Amazon Affiliates Store Plugin up to 2.1.0 on WordPress (WordPress Plugin). It has been classified as problematic. This affects an unknown function of the file wp-admin/admin.php. Upgrading to version 2.1.1 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1082024101/14/2021VulD...cvss2_nvd_basescore4.3nist.gov01/14/2021accepted90
1082024001/14/2021VulD...person_namersanchezrsecurityfocus.com01/14/2021accepted70
714427311/20/2019VulD...securityfocus_classInput Validation Errorsecurityfocus.com11/20/2019accepted100
714427211/20/2019VulD...securityfocus_date1506556800 (09/28/2017)securityfocus.com11/20/2019accepted100
714426311/20/2019VulD...confirm_urlhttps://wordpress.org/plugins/2kb-amazon-affiliates-store/#developerswordpress.org11/20/2019accepted100
714422411/20/2019VulD...discoverydate150586560011/20/2019accepted100
714428309/28/2017VulD...cvss3_nvd_basescore6.1nist.gov09/28/2017accepted90
714428209/28/2017VulD...0day_days709/28/2017accepted90
714428109/28/2017VulD...cvss3_vuldb_rcX09/28/2017accepted90
714428009/28/2017VulD...cvss3_vuldb_rlO09/28/2017accepted90
714427909/28/2017VulD...cvss3_vuldb_eX09/28/2017accepted90
714427809/28/2017VulD...cvss2_vuldb_rcND09/28/2017accepted90
714427709/28/2017VulD...cvss2_vuldb_rlOF09/28/2017accepted90
714427609/28/2017VulD...cvss2_vuldb_eND09/28/2017accepted90
714427509/28/2017VulD...locationWebsite09/28/2017accepted90
714427409/28/2017VulD...securityfocus_titleWordPress 2kb Amazon Affiliates Store Plugin Multiple Cross Site Scripting Vulnerabilitiessecurityfocus.com09/28/2017accepted100
714427109/28/2017VulD...securityfocus101050securityfocus.com09/28/2017accepted100
714427009/28/2017VulD...cve_nvd_summaryMultiple cross-site scripting (XSS) vulnerabilities in the 2kb Amazon Affiliates Store plugin before 2.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter or (2) kbAction parameter in the kbAmz page to wp-admin/admin.php.mitre.org09/28/2017accepted100
714426909/28/2017VulD...cve_nvd_published1506470400mitre.org09/28/2017accepted100
714426809/28/2017VulD...cve_assigned1505865600mitre.org09/28/2017accepted100

Want to stay up to date on a daily basis?

Enable the mail alert feature now!