Vulnerability Details CVE-2015-9361
The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg().
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
- https://www.barrykooij.com/several-security-updates-released/
- https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
- https://www.barrykooij.com/several-security-updates-released/
Products affected by CVE-2015-9361
-
cpe:2.3:a:never5:related_posts:-
-
cpe:2.3:a:never5:related_posts:1.0.0
-
cpe:2.3:a:never5:related_posts:1.1.0
-
cpe:2.3:a:never5:related_posts:1.2.0
-
cpe:2.3:a:never5:related_posts:1.2.1
-
cpe:2.3:a:never5:related_posts:1.2.2
-
cpe:2.3:a:never5:related_posts:1.3.0
-
cpe:2.3:a:never5:related_posts:1.3.1
-
cpe:2.3:a:never5:related_posts:1.3.2
-
cpe:2.3:a:never5:related_posts:1.4.0
-
cpe:2.3:a:never5:related_posts:1.5.0
-
cpe:2.3:a:never5:related_posts:1.6.0
-
cpe:2.3:a:never5:related_posts:1.6.1
-
cpe:2.3:a:never5:related_posts:1.6.2
-
cpe:2.3:a:never5:related_posts:1.6.3
-
cpe:2.3:a:never5:related_posts:1.7.0
-
cpe:2.3:a:never5:related_posts:1.7.1
-
cpe:2.3:a:never5:related_posts:1.7.2
-
cpe:2.3:a:never5:related_posts:1.7.3
-
cpe:2.3:a:never5:related_posts:1.7.4
-
cpe:2.3:a:never5:related_posts:1.7.5
-
cpe:2.3:a:never5:related_posts:1.7.6
-
cpe:2.3:a:never5:related_posts:1.8.0
-
cpe:2.3:a:never5:related_posts:1.8.1