onesignal-free-web-push-notifications Plugin up to 1.17.7 on WordPress subdomain cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in onesignal-free-web-push-notifications Plugin up to 1.17.7 on WordPress (WordPress Plugin). It has been classified as problematic. This affects some unknown functionality. Upgrading to version 1.17.8 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
933189608/10/2020VulD...cve_nvd_summaryThe onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter.mitre.org08/10/2020accepted100
933189508/10/2020VulD...cve_assigned1567036800mitre.org08/10/2020accepted100
933186808/10/2020VulD...cwe79 (cross site scripting)08/10/2020accepted100
933186308/10/2020VulD...typeWordPress Plugin08/10/2020accepted100
933190208/31/2019VulD...cvss3_vuldb_rcX08/31/2019accepted90
933190108/31/2019VulD...cvss3_vuldb_rlO08/31/2019accepted90
933190008/31/2019VulD...cvss3_vuldb_eX08/31/2019accepted90
933189908/31/2019VulD...cvss2_vuldb_rcND08/31/2019accepted90
933189808/31/2019VulD...cvss2_vuldb_rlOF08/31/2019accepted90
933189708/31/2019VulD...cvss2_vuldb_eND08/31/2019accepted90
933189408/31/2019VulD...cveCVE-2019-15827mitre.org08/31/2019accepted100
933189308/31/2019VulD...upgrade_version1.17.808/31/2019accepted100
933189208/31/2019VulD...nameUpgrade08/31/2019accepted100
933189108/31/2019VulD...price_0day$0-$5ksee documentation08/31/2019accepted100
933189008/31/2019VulD...date1567123200 (08/30/2019)08/31/2019accepted100
933188908/31/2019VulD...cvss3_vuldb_aN08/31/2019accepted100
933188808/31/2019VulD...cvss3_vuldb_iL08/31/2019accepted100
933188708/31/2019VulD...cvss3_vuldb_cN08/31/2019accepted100
933188608/31/2019VulD...cvss3_vuldb_sU08/31/2019accepted100
933188508/31/2019VulD...cvss3_vuldb_uiR08/31/2019accepted100

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!