2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2017-2284" ,
"sourceIdentifier" : "vultures@jpcert.or.jp" ,
"published" : "2017-08-02T16:29:00.520" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T03:23:12.540" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Cross-site scripting vulnerability in Popup Maker prior to version 1.6.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} ,
{
"lang" : "es" ,
"value" : "Una vulnerabilidad de tipo Cross-Site Scripting (XSS) en versiones anteriores a la 1.6.5 de Popup Maker permite a atacantes remotos inyectar scripts web o HTML arbitrarios utilizando vectores no especificados."
}
] ,
"metrics" : {
"cvssMetricV30" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 6.1 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "REQUIRED" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "LOW" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 2.8 ,
"impactScore" : 2.7
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.3 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "PARTIAL" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-79"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.0.0:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "90C161EC-2573-42D2-87D9-34B3D6B8DC9C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.0.1:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "D9B91723-3887-4F17-9C22-F75D9190EE56"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.0.2:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "F1AC248E-BF46-422F-84F9-EDC409CA22F3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.0.3:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "6C0338C3-969D-49CC-8883-A6FC1F85EA96"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.0.4:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "54C7BF56-F9C6-4858-9084-20BC7695BD6D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.0.5:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "36323BBF-DF81-47D3-B126-6673A3BF8F35"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.0:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "4B6B06C5-EBE8-4BD5-AB71-1212847F2D42"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.1:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "2B9A7EA4-3EAC-40C3-945B-96B26462B163"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.2:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "9D48C71B-3971-4AD2-897F-ED9BCF478451"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.3:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "D789C13D-7C6D-4F5B-A212-B836E08E213A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.4:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "CFE80F18-726C-4BDE-838C-B44479DF6165"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.5:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "440D38B5-4C30-4960-8DF7-1234AB843972"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.6:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "4EB472CF-32C4-4BB0-AF92-8B015A40BE59"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.7:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "59839A5E-3462-4084-AC68-E9BB758D29AF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.8:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "37360399-BB08-4CCD-BF97-9C244B8538AB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.9:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "34C82A10-464A-4CDC-8947-7B1494F0EB2C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.1.10:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "70B17631-F056-4E9B-BFF8-73BCE1116815"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.2.0:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "76350181-42BA-49C3-A25D-9B9FCB4E526B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.2.1:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "8E3085B2-66B0-4006-AA8E-9EF4CAB97FDB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.2.2:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "102F9DD7-E0B5-4918-895E-DEFCAAC8FC52"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.0:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "39D04E83-EF5C-4981-BB0E-6F929AF1C25C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.1:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "C759FBB3-A063-4CCC-B3A5-F6DC8D6B8A6F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.2:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "283F2952-A467-4E2C-9E01-7E48234A3B2E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.3:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "AB0D76F5-C2EB-4C6D-A187-DF3363EC19A6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.4:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "70B45C8A-79DA-4AEE-BCC1-C06C77FEE40C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.5:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "8FCC14C3-C650-44AF-8292-5497B508556A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.6:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "007D28DF-7E53-486F-B9AB-1BCD54020AD5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.7:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "5B735B73-E003-4848-A7F3-EBA9D19039EA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.8:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "8868752E-BB92-43F4-8D1C-769D512DA13E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.3.9:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "334E63C2-E717-4C11-958D-B48EE3440B12"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.0:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "82588758-797D-489D-A19F-0E0D7CC807E5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.1:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "8588997E-AA8B-440F-9F1B-713FFB097234"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.2:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "FA9E5F61-97EB-470B-BA39-50ED30FDA492"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.3:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "3C2511EE-E091-41C4-BF06-DFBC27B3E3B9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.4:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "BFB9A292-0E2D-4378-9039-ED45DABE726C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.5:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "CEDE2DC6-0A58-47C2-944F-8010524B2821"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.6:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "5827184B-ACEC-452A-8190-64A32F76E902"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.7:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "6E5B070F-A8E3-4320-832E-1FE9577E7B1A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.8:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "8142F60E-FDBF-4DE1-89C9-5925290E9E92"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.9:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "FEE8319A-33A8-486C-92A5-4941681B8B3E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.10:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "10A5384C-C79D-429A-9094-538BE9C70C9E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.11:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "39F86BCA-C2F6-4664-B36E-43FF3F9D13C1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.12:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "0C583011-48FD-4EC3-9C58-28EF3E5C9D1A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.13:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "DD0B7B26-72EA-4712-B783-3989FDB05194"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.14:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "6A1CC3A8-EBAA-4FA2-B0B9-4B05C9742CEE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.15:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "FE801999-733C-4C82-9114-B2228AADE290"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.16:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "7A33CEB9-8CE3-4F1A-A1C8-2176F65DA787"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.17:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "AF294B42-DF3C-4ACB-B439-CE41581FB685"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.18:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "D18DDBCA-4F33-4CD0-BE52-1B6F87D273E6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.19:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "65B14941-933B-4ECF-95CA-16F208EB2FCF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.20:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "38951BCB-E275-4952-850A-F007CB06B5ED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.4.21:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "862E52EA-4F2E-42F5-8099-DAC7F3025923"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.5.0:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "5AD0FA3F-03CC-470D-A0A5-857CA7A46D73"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.5.1:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "0CC71336-9C78-4228-9393-F9139ED44979"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.5.2:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "FF5128CC-6B8B-4CC6-9D08-2188D93ABD83"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.5.3:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "30B1DDBC-10D1-4718-B07E-946D72F1B581"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.5.4:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "9E0DC38E-A42A-4008-9E67-0487F0849CED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.5.5:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "9B9657B9-C347-4DF9-A306-C281396FB81D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.5.6:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "E0E732F1-84C1-44A6-B1B3-BCA25B8272C8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.5.7:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "A78EFBC6-C767-466E-8A7A-68A7606227C2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.5.8:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "C218BC8D-9798-4EEC-8B64-EE96888FA338"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.6.0:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "4177F386-AFB2-421B-8444-89D16B6C78C8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.6.1:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "CF7C5849-3102-4D27-BBB8-A6E31230150F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.6.2:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "30BCFF57-5F8E-478B-A484-9C771BA33E83"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.6.3:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "D00FE9DD-4EF5-4CAF-88B1-0C260610063A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:code-atlantic:popup_maker:1.6.4:*:*:*:*:wordpress:*:*" ,
"matchCriteriaId" : "FAB6541B-F121-4668-A2CA-EE6120014633"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://jvn.jp/en/jp/JVN92921024/index.html" ,
"source" : "vultures@jpcert.or.jp" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://plugins.trac.wordpress.org/changeset/1697216/#file3" ,
"source" : "vultures@jpcert.or.jp" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://wordpress.org/plugins/popup-maker/#developers" ,
"source" : "vultures@jpcert.or.jp" ,
"tags" : [
"Product" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://wpvulndb.com/vulnerabilities/8878" ,
"source" : "vultures@jpcert.or.jp"
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://jvn.jp/en/jp/JVN92921024/index.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://plugins.trac.wordpress.org/changeset/1697216/#file3" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://wordpress.org/plugins/popup-maker/#developers" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Product" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://wpvulndb.com/vulnerabilities/8878" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}
