← Zuruck zu CVEs
CVE-2020-8799
MEDIUM4.8
Beschreibung
A Stored XSS vulnerability has been found in the administration page of the WTI Like Post plugin through 1.4.5 for WordPress. Once the administrator has submitted the data, the script stored is executed for all the users visiting the website.
CVE Details
CVSS v3.1 Bewertung4.8
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionREQUIRED
Veroffentlicht5/5/2020
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
webtechideas:wti_like_post
Schwachen (CWE)
CWE-79
Referenzen
https://wordpress.org/plugins/wti-like-post/#developers(cve@mitre.org)
https://wpvulndb.com/vulnerabilities/10210(cve@mitre.org)
https://wordpress.org/plugins/wti-like-post/#developers(af854a3a-2127-422b-91ae-364da2661108)
https://wpvulndb.com/vulnerabilities/10210(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.