Vulnerability Details CVE-2015-9364
2Checkout Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
- https://ithemes.com/coordinated-wordpress-plugin-security-update/
- https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
- https://ithemes.com/coordinated-wordpress-plugin-security-update/
Products affected by CVE-2015-9364
-
cpe:2.3:a:2checkout:ithemes_2checkout:-