Vulnerability Details CVE-2019-14789
The Custom 404 Pro plugin 3.2.8 for WordPress has XSS via the wp-admin/admin.php?page=c4p-main page parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://wordpress.org/plugins/custom-404-pro/#developers
- https://www.pluginvulnerabilities.com/2019/06/25/other-vulnerability-data-sources-miss-that-a-reflected-xss-vulnerability-in-custom-404-pro-hasnt-been-fixed/
- https://wordpress.org/plugins/custom-404-pro/#developers
- https://www.pluginvulnerabilities.com/2019/06/25/other-vulnerability-data-sources-miss-that-a-reflected-xss-vulnerability-in-custom-404-pro-hasnt-been-fixed/
Products affected by CVE-2019-14789
-
cpe:2.3:a:kunalnagar:custom_404_pro:3.2.8