CVE-2017-20094

Description

A vulnerability, which was classified as problematic, has been found in NewStatPress Plugin 1.2.4. This issue affects some unknown processing. The manipulation leads to basic cross site scripting (Persistent). The attack may be initiated remotely. Upgrading to version 1.2.5 is able to address this issue. It is recommended to upgrade the affected component.

Related CPE's

anewstatpress_projectnewstatpress1.2.4****wordpress**

References

http://seclists.org/fulldisclosure/2017/Feb/81

ExploitMailing ListPatchThird Party Advisory

https://vuldb.com/?id.97373

Third Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

NONE

AvailabilityImpact

NONE

IntegrityImpact

PARTIAL

BaseScore

3.5

VectorString

AV:N/AC:M/Au:S/C:N/I:P/A:N

Version

2.0

AccessVector

NETWORK

Authentication

SINGLE

Created by Yello
About Severity.io