CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-18373

In the Schiocco "Support Board - Chat And Help Desk" plugin 1.2.3 for WordPress, a Stored XSS vulnerability has been discovered in file upload areas in the Chat and Help Desk sections via the msg parameter in a /wp-admin/admin-ajax.php sb_ajax_add_message action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.3%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

http://packetstormsecurity.com/files/149806/WordPress-Support-Board-1.2.3-Cross-Site-Scripting.html
https://wpvulndb.com/vulnerabilities/9707
http://packetstormsecurity.com/files/149806/WordPress-Support-Board-1.2.3-Cross-Site-Scripting.html
https://wpvulndb.com/vulnerabilities/9707

Products affected by CVE-2018-18373

Schiocco » Support Board - Chat And Help Desk » Version: 1.2.3

cpe:2.3:a:schiocco:support_board_-_chat_and_help_desk:1.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-18373

Products

Pricing

Contact Us