Cross-Site Scripting Vulnerability in Stop User Enumeration Plugin for WordPress
CVE-2017-18536
6.1MEDIUM
What is CVE-2017-18536?
The Stop User Enumeration plugin for WordPress versions prior to 1.3.8 contains a Cross-Site Scripting (XSS) vulnerability. This flaw could allow attackers to inject malicious scripts into web pages viewed by users, potentially compromising sensitive information and leading to unauthorized actions. It is essential for WordPress users to update their plugins to prevent exploitation of this vulnerability.
References
EPSS Score
5% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved