Vulnerability Details CVE-2021-36910
Authenticated (admin user role) Stored Cross-Site Scripting (XSS) in WP-Appbox (WordPress plugin) <= 4.3.20.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.4%
CVSS Severity
CVSS v3 Score 3.4
CVSS v2 Score 3.5
References
- https://patchstack.com/database/vulnerability/wp-appbox/wordpress-wp-appbox-plugin-4-3-20-authenticated-stored-cross-site-scripting-xss-vulnerability
- https://wordpress.org/plugins/wp-appbox/#developers
- https://patchstack.com/database/vulnerability/wp-appbox/wordpress-wp-appbox-plugin-4-3-20-authenticated-stored-cross-site-scripting-xss-vulnerability
- https://wordpress.org/plugins/wp-appbox/#developers
Products affected by CVE-2021-36910
-
cpe:2.3:a:wp-appbox_project:wp-appbox:-
-
cpe:2.3:a:wp-appbox_project:wp-appbox:4.3.20