Vulnerability Details CVE-2021-36869
Reflected Cross-Site Scripting (XSS) vulnerability in WordPress Ivory Search plugin (versions <= 4.6.6). Vulnerable parameter: &post.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.5%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 4.3
References
- https://patchstack.com/database/vulnerability/add-search-to-menu/wordpress-ivory-search-plugin-4-6-6-reflected-cross-site-scripting-xss-vulnerability
- https://wordpress.org/plugins/add-search-to-menu/#developers
- https://patchstack.com/database/vulnerability/add-search-to-menu/wordpress-ivory-search-plugin-4-6-6-reflected-cross-site-scripting-xss-vulnerability
- https://wordpress.org/plugins/add-search-to-menu/#developers
Products affected by CVE-2021-36869
-
cpe:2.3:a:ivorysearch:ivory_search:-
-
cpe:2.3:a:ivorysearch:ivory_search:4.5.10
-
cpe:2.3:a:ivorysearch:ivory_search:4.5.11
-
cpe:2.3:a:ivorysearch:ivory_search:4.5.5
-
cpe:2.3:a:ivorysearch:ivory_search:4.5.6
-
cpe:2.3:a:ivorysearch:ivory_search:4.5.7
-
cpe:2.3:a:ivorysearch:ivory_search:4.5.8
-
cpe:2.3:a:ivorysearch:ivory_search:4.5.9
-
cpe:2.3:a:ivorysearch:ivory_search:4.6
-
cpe:2.3:a:ivorysearch:ivory_search:4.6.1
-
cpe:2.3:a:ivorysearch:ivory_search:4.6.2
-
cpe:2.3:a:ivorysearch:ivory_search:4.6.3
-
cpe:2.3:a:ivorysearch:ivory_search:4.6.4
-
cpe:2.3:a:ivorysearch:ivory_search:4.6.5
-
cpe:2.3:a:ivorysearch:ivory_search:4.6.6