Vulnerability Details CVE-2015-9430
The crazy-bone plugin before 0.6.0 for WordPress has XSS via the User-Agent HTTP header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://cinu.pl/research/wp-plugins/mail_e22c10161b1e2e4e54facf2d17e723c3.html
- https://wordpress.org/plugins/crazy-bone/#developers
- https://wpvulndb.com/vulnerabilities/8281
- http://cinu.pl/research/wp-plugins/mail_e22c10161b1e2e4e54facf2d17e723c3.html
- https://wordpress.org/plugins/crazy-bone/#developers
- https://wpvulndb.com/vulnerabilities/8281
Products affected by CVE-2015-9430
-
cpe:2.3:a:crazy_bone_project:crazy_bone:-
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.1.0
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.3.0
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.4.0
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.5.0
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.5.1
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.5.2
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.5.3
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.5.4
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.5.5
-
cpe:2.3:a:crazy_bone_project:crazy_bone:0.5.6