Vulnerability Details CVE-2017-18011
The MyCBGenie Affiliate Ads for Clickbank Products plugin through 1.6 for WordPress has XSS via the text_ads_ajax.php border_color parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://packetstormsecurity.com/files/144978/WordPress-Affiliate-Ads-For-Clickbank-Products-1.3-XSS.html
- https://wordpress.org/support/topic/affiliate-ads-for-clickbank-products-1-3-xss/
- https://wpvulndb.com/vulnerabilities/8989
- https://packetstormsecurity.com/files/144978/WordPress-Affiliate-Ads-For-Clickbank-Products-1.3-XSS.html
- https://wordpress.org/support/topic/affiliate-ads-for-clickbank-products-1-3-xss/
- https://wpvulndb.com/vulnerabilities/8989
Products affected by CVE-2017-18011
-
cpe:2.3:a:clickbank:affiliate_ads_for_clickbank_products:1.0
-
cpe:2.3:a:clickbank:affiliate_ads_for_clickbank_products:1.3
-
cpe:2.3:a:clickbank:affiliate_ads_for_clickbank_products:1.4
-
cpe:2.3:a:clickbank:affiliate_ads_for_clickbank_products:1.5
-
cpe:2.3:a:clickbank:affiliate_ads_for_clickbank_products:1.6