custom-404-pro Plugin do 3.2.7 na WordPress Reflected cross site scripting
W custom-404-pro Plugin do 3.2.7 na WordPress (WordPress Plugin) została odkryta podatność. Problemem dotknięta jest nieznana funkcja. Aktualizacja do wersji 3.2.8 eliminuje tę podatność.
| Pole | 2019-08-31 07:50 | 2020-08-10 18:06 |
|---|---|---|
| cvss3 | N | N |
| cvss3 | L | L |
| cvss3 | N | N |
| titleword | Reflected | Reflected |
| date | 1567123200 (2019-08-30) | 1567123200 (2019-08-30) |
| price | $0-$5k | $0-$5k |
| name | Upgrade | Upgrade |
| upgrade | 3.2.8 | 3.2.8 |
| cve | CVE-2019-15838 | CVE-2019-15838 |
| cvss2 | ND | ND |
| cvss2 | OF | OF |
| cvss2 | ND | ND |
| cvss3 | X | X |
| cvss3 | O | O |
| cvss3 | X | X |
| cvss3 | 6.1 | 6.1 |
| name | custom-404-pro Plugin | custom-404-pro Plugin |
| version | <=3.2.7 | <=3.2.7 |
| platform | WordPress | WordPress |
| risk | 1 | 1 |
| cvss2 | 4.3 | 4.3 |
| cvss2 | 3.7 | 3.7 |
| cvss2 | N | N |
| cvss2 | M | M |
| cvss2 | N | N |
| cvss2 | N | N |
| cvss2 | P | P |
| cvss2 | N | N |
| cvss3 | 5.2 | 5.2 |
| cvss3 | 4.9 | 4.9 |
| cvss3 | 4.3 | 4.3 |
| cvss3 | 4.1 | 4.1 |
| cvss3 | N | N |
| cvss3 | L | L |
| cvss3 | N | N |
| cvss3 | R | R |
| cvss3 | U | U |
| cvss3 | N | |
| cvss3 | L | |
| cvss3 | N | |
| cvss3 | R | |
| cvss3 | C | |
| cvss3 | L | |
| cvss3 | L | |
| cvss3 | N | |
| cve | 1567036800 | |
| cve | The custom-404-pro plugin before 3.2.8 for WordPress has reflected XSS, a different vulnerability than CVE-2019-14789. | |
| type | WordPress Plugin | |
| cwe | 0 | 79 (cross site scripting) |
| cvss2 | N | |
| cvss2 | M | |
| cvss2 | N | |
| cvss2 | N | |
| cvss2 | P | |
| cvss2 | N |
Interested in the pricing of exploits?
See the underground prices here!