CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-6805

Cross-site scripting (XSS) vulnerability in the MDC Private Message plugin 1.0.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the message field in a private message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.4%

CVSS Severity

CVSS v2 Score 3.5

References

https://wpvulndb.com/vulnerabilities/8154
https://www.exploit-db.com/exploits/37907/
https://wpvulndb.com/vulnerabilities/8154
https://www.exploit-db.com/exploits/37907/

Products affected by CVE-2015-6805

Medhabidotcom » Mdc Private Message » Version: 1.0.0

cpe:2.3:a:medhabidotcom:mdc_private_message:1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6805

Products

Pricing

Contact Us