Back

CVE-2015-10132

April 21, 2024, 8:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Thimo Grauerholz WP-Spreadplugin

  • up to 3.8.6.1

Source

cna@vuldb.com

Tags

CVE-2015-10132 details

Published : April 21, 2024, 8:15 p.m.
Last Modified : April 21, 2024, 8:15 p.m.

Description

A vulnerability classified as problematic was found in Thimo Grauerholz WP-Spreadplugin up to 3.8.6.1 on WordPress. This vulnerability affects unknown code of the file spreadplugin.php. The manipulation of the argument Spreadplugin leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 3.8.6.6 is able to address this issue. The name of the patch is a9b9afc641854698e80aa5dd9ababfc8e0e57d69. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-261676.

CVSS Score

1 2 3.5 4 5 6 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

Base Score

3.5

Exploitability Score

Impact Score

Base Severity

LOW

Vector String : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

References

URL Source
https://github.com/wp-plugins/wp-spreadplugin/commit/a9b9afc641854698e80aa5dd9ababfc8e0e57d69 cna@vuldb.com
https://github.com/wp-plugins/wp-spreadplugin/releases/tag/3.8.6.6 cna@vuldb.com
https://vuldb.com/?ctiid.261676 cna@vuldb.com
https://vuldb.com/?id.261676 cna@vuldb.com
This website uses the NVD API, but is not approved or certified by it.