CVE-2015-9410 — Cross-site Scripting in Powerpress

CWE-79 — Cross-site Scripting7 documents5 sources

Severity

5.4MEDIUMNVD

EPSS

0.3%

top 47.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Blubrry Powerpress

Timeline

PublishedSep 26

Latest updateAug 29

Description

The Blubrry PowerPress Podcasting plugin 6.0.4 for WordPress has XSS via the tab parameter.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages1 packages

▶NVDblubrry/powerpress6.0.4

🔴Vulnerability Details

OSV

lame vulnerabilities↗2022-08-29

▶

GHSA

GHSA-2jwg-327r-828f: The Blubrry PowerPress Podcasting plugin 6↗2022-05-24

▶

CVEList

CVE-2015-9410: The Blubrry PowerPress Podcasting plugin 6↗2019-09-25

▶

💬Community

Bugzilla

CVE-2015-9099 CVE-2015-9100 CVE-2017-11720 CVE-2017-13712 CVE-2017-15018 CVE-2017-15019 CVE-2017-15045 CVE-2017-15046 CVE-2017-9410 CVE-2017-9411 CVE-2017-9412 CVE-2017-8419 lame: Multiple vulnerabili↗2017-07-12

▶