CVE-2023-52213

{"id": "CVE-2023-52213", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2024-01-08T20:15:45.920", "references": [{"url": "https://patchstack.com/database/vulnerability/rate-star-review/wordpress-rate-star-review-plugin-1-5-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "tags": ["Third Party Advisory"], "source": "audit@patchstack.com"}, {"url": "https://patchstack.com/database/vulnerability/rate-star-review/wordpress-rate-star-review-plugin-1-5-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VideoWhisper Rate Star Review \u2013 AJAX Reviews for Content, with Star Ratings allows Reflected XSS.This issue affects Rate Star Review \u2013 AJAX Reviews for Content, with Star Ratings: from n/a through 1.5.1.\n\n"}, {"lang": "es", "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en VideoWhisper Rate Star Review: revisiones AJAX de contenido, con calificaciones de estrellas permite XSS reflejado. Este problema afecta a Rate Star Review: revisiones AJAX de contenido, con calificaciones de estrellas : desde n/a hasta 1.5.1."}], "lastModified": "2024-11-21T08:39:24.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:videowhisper:rate_star_review:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "2E3DEF8B-9700-4A6B-B883-319B3C8AE2F9", "versionEndIncluding": "1.5.1"}], "operator": "OR"}]}], "sourceIdentifier": "audit@patchstack.com"}