CVE-2022-45082

LOW 3.4

WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities

CVSS Score

3.4

EPSS Score

0.0%

EPSS Percentile

0th

Multiple Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilities in Accordions plugin <= 2.0.3 on WordPress via &addons-style-name and &accordions_or_faqs_license_key.

CWE	CWE-79
Vendor	biplob adhikari
Product	accordions – multiple accordions or faqs builder (wordpress plugin)
Published	Nov 18, 2022
Last Updated	Sep 17, 2024

Stay Ahead of the Next One

Get instant alerts for biplob adhikari accordions – multiple accordions or faqs builder (wordpress plugin)

Be the first to know when new low vulnerabilities affecting biplob adhikari accordions – multiple accordions or faqs builder (wordpress plugin) are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

None

Integrity

Low

Availability

None

Affected Versions

Biplob Adhikari / Accordions – Multiple Accordions or FAQs Builder (WordPress plugin)

<= 2.0.3 ≤ 2.0.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wordpress.org: https://wordpress.org/plugins/accordions-or-faqs/#developers patchstack.com: https://patchstack.com/database/vulnerability/accordions-or-faqs/wordpress-accordions-plugin-2-0-3-multiple-auth-stored-cross-site-scripting-xss-vulnerabilities?_s_id=cve

Credits

Vulnerability discovered by Vlad Vector (Patchstack)