CVE-2015-9273

medium

Description

The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for WordPress has XSS via an HTTP Referer header, or via a field associated with JavaScript-based Referer tracking.

References

Advisories

https://www.openwall.com/lists/oss-security/2015/07/30/1

https://plugins.trac.wordpress.org/changeset/1204104

http://plugins.svn.wordpress.org//wp-slimstat/tags/4.1.6.1/readme.txt

Details

Source: Mitre, NVD

Published: 2018-10-07

Updated: 2018-11-19

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N