CVE-2018-17140

5.4MEDIUM

Key Information:

Vendor: Wordpress
Status: Quizlord
Vendor: CVE Published:; 17 September 2018

Summary

The Quizlord plugin through 2.0 for WordPress is prone to Stored XSS via the title parameter in a ql_insert action to wp-admin/admin.php.

References

https://www.exploit-db.com/exploits/45307/

exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Sep 17, 2018
Vulnerability Reserved
Sep 17, 2018

.

🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.