Easy Testimonials Plugin Vulnerabilità

Sequenza temporale

Versione

3.22
3.6.01
3.6.11
3.9.01
3.9.11

Contromisure

Official Fix2
Temporary Fix0
Workaround0
Unavailable0
Not Defined3

Sfruttabilità

High0
Functional0
Proof-of-Concept1
Unproven0
Not Defined4

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent0
Network5

Autenticazione

Not Defined0
High0
Low2
None3

Interazione dell'utente

Not Defined0
Required4
None1

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤41
≤52
≤62
≤70
≤80
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤41
≤53
≤61
≤70
≤80
≤90
≤100

VulDB

≤10
≤20
≤30
≤41
≤54
≤60
≤70
≤80
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤61
≤72
≤80
≤90
≤100

CNA

≤10
≤20
≤30
≤40
≤51
≤60
≤70
≤80
≤90
≤100

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k3
<2k2
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k5
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Versions (12): 3.0, 3.0.4, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.6.1, 3.9, 3.9.1, 3.9.2

Tipo di software: WordPress Plugin

Data di pubblicazioneBaseTempVulnerabilità0dayOggiSfrConCTICVE
01/07/20234.34.2Easy Testimonials Plugin saveCustomFields cross site request forgery$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-36749
12/01/20233.53.4Easy Testimonials Plugin cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-4577
22/06/20204.84.6Easy Testimonials Plugin post.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-14959
26/11/20185.24.7Easy Testimonials Plugin post.php Stored cross site scripting$0-$5k$0-$5kProof-of-ConceptNot Defined0.00CVE-2018-19564
01/08/20175.25.2Easy Testimonials Plugin display.options.php cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2017-12131

PrecedenteVisione D'insiemeIl prossimo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!