CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17043

The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflected XSS because the parameter "post" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not filtered correctly.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.056

EPSS Ranking 89.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://packetstormsecurity.com/files/145060/wpemagmc10-xss.txt
https://wordpress.org/support/topic/wordpress-emag-marketplace-connector-1-0-cross-site-scripting-vulnerability/
https://wpvulndb.com/vulnerabilities/8964
https://packetstormsecurity.com/files/145060/wpemagmc10-xss.txt
https://wordpress.org/support/topic/wordpress-emag-marketplace-connector-1-0-cross-site-scripting-vulnerability/
https://wpvulndb.com/vulnerabilities/8964

Products affected by CVE-2017-17043

Zitec » Emag Marketplace Connector » Version: 1.0.0

cpe:2.3:a:zitec:emag_marketplace_connector:1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17043

Products

Pricing

Contact Us