Cross-site Scripting Vulnerability in Open Graph Plugin for WordPress by Wonderm00n
CVE-2018-0579

6.1MEDIUM

Key Information:

Vendor: WordPress
Status: Open Graph For Facebook, Google+ And Twitter Card Tags
Vendor: CVE Published:; 14 May 2018

What is CVE-2018-0579?

The Open Graph for Facebook, Google+, and Twitter Card Tags plugin for WordPress has a cross-site scripting vulnerability that permits remote attackers to inject arbitrary web scripts or HTML. This vulnerability affects versions prior to 2.2.4.1 and could potentially be exploited through unspecified vectors, compromising site integrity and user security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Open Graph for Facebook, Google+ and Twitter Card Tags prior to version 2.2.4.1

References

http://jvn.jp/en/jp/JVN08386386/index.html

third-party-advisoryx_refsource_JVN

https://wordpress.org/plugins/wonderm00ns-simple-facebook...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2018
Vulnerability Reserved
Nov 27, 2017

JSON

WordPress