Vulnerability Details CVE-2015-9368
Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.6%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
- https://ithemes.com/coordinated-wordpress-plugin-security-update/
- https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
- https://ithemes.com/coordinated-wordpress-plugin-security-update/
Products affected by CVE-2015-9368
-
cpe:2.3:a:ithemes:easy_eu_value_added_(vat)_taxes:-