CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-2084

Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in an edit action in the cnss_social_icon_add page to wp-admin/admin.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.6%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2015-2084

Cybernetikz » Easy Social Icons » Version: N/A

cpe:2.3:a:cybernetikz:easy_social_icons:-
Cybernetikz » Easy Social Icons » Version: 1.0

cpe:2.3:a:cybernetikz:easy_social_icons:1.0
Cybernetikz » Easy Social Icons » Version: 1.1

cpe:2.3:a:cybernetikz:easy_social_icons:1.1
Cybernetikz » Easy Social Icons » Version: 1.2

cpe:2.3:a:cybernetikz:easy_social_icons:1.2
Cybernetikz » Easy Social Icons » Version: 1.2.1

cpe:2.3:a:cybernetikz:easy_social_icons:1.2.1
Cybernetikz » Easy Social Icons » Version: 1.2.2

cpe:2.3:a:cybernetikz:easy_social_icons:1.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-2084

Products

Pricing

Contact Us