CVEDB API

The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.1%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2015-9355

Simbahosting » Two-Factor-Authentication » Version: 1.0

cpe:2.3:a:simbahosting:two-factor-authentication:1.0
Simbahosting » Two-Factor-Authentication » Version: 1.1.1

cpe:2.3:a:simbahosting:two-factor-authentication:1.1.1
Simbahosting » Two-Factor-Authentication » Version: 1.1.2

cpe:2.3:a:simbahosting:two-factor-authentication:1.1.2
Simbahosting » Two-Factor-Authentication » Version: 1.1.3

cpe:2.3:a:simbahosting:two-factor-authentication:1.1.3
Simbahosting » Two-Factor-Authentication » Version: 1.1.5

cpe:2.3:a:simbahosting:two-factor-authentication:1.1.5
Simbahosting » Two-Factor-Authentication » Version: 1.1.6

cpe:2.3:a:simbahosting:two-factor-authentication:1.1.6
Simbahosting » Two-Factor-Authentication » Version: 1.1.7

cpe:2.3:a:simbahosting:two-factor-authentication:1.1.7
Simbahosting » Two-Factor-Authentication » Version: 1.1.8

cpe:2.3:a:simbahosting:two-factor-authentication:1.1.8
Simbahosting » Two-Factor-Authentication » Version: 1.1.9

cpe:2.3:a:simbahosting:two-factor-authentication:1.1.9