admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 05:28:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-26xx/CVE-2022-2654.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

105 lines
3.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-2654",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-09-16T09:15:10.727",
"lastModified": "2022-09-20T15:41:47.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10) do not escape a parameter before outputting it back in attributes, leading to Reflected Cross-Site Scripting"
},
{
"lang": "es",
"value": "El tema Classima de WordPress versiones anteriores a 2.1.11 y algunos de sus plugins necesarios (Classified Listing versiones anteriores a 2.2.14, Classified Listing Pro versiones anteriores a 2.0.20, Classified Listing Store & Membership versiones anteriores a 1.4.20 y Classima Core versiones anteriores a 1.10) no escapan un par\u00e1metro antes de devolverlo en atributos, conllevando a una taque de tipo Cross-Site Scripting Reflejado"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radiustheme:classified_listing_-_classified_ads_\\&_business_directory:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.14",
"matchCriteriaId": "BC506799-C172-428E-91F0-64173F66292E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radiustheme:classified_listing_pro_-_classified_ads_\\&_business_directory:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.20",
"matchCriteriaId": "6192ADF9-62BE-4BCE-AC9A-137C954EEC01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radiustheme:classified_listing_store_\\&_membership:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.4.20",
"matchCriteriaId": "EC749AA4-4196-4FBE-A603-DBD93CA8F7F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radiustheme:classima:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.11",
"matchCriteriaId": "E1D0A54D-70D1-497F-B186-9F7DD9D18A43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radiustheme:classima_core:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.10",
"matchCriteriaId": "E6C2EECE-92B2-4939-926A-7DBE5F02227D"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/845f44ca-f572-48d7-a19a-89cace0b8993",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink