CyberSec.Space Logo
返回 CVE 浏览器

CVE-2015-9413

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.1750%
EPSS Percentile39.70th
Published2019年9月26日
Last Modified2024年11月21日

Vulnerability Description

The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php?page=eshop-downloads.php title parameter.

Affected Platforms (CPE)

📦
Eshop Project

Eshop

<= 6.3.13

References & Advisories

🔗 https://packetstormsecurity.com/files/133480/
🔗 https://wordpress.org/plugins/eshop/#developers
🔗 https://wpvulndb.com/vulnerabilities/8180
🔗 https://packetstormsecurity.com/files/133480/
🔗 https://wordpress.org/plugins/eshop/#developers
🔗 https://wpvulndb.com/vulnerabilities/8180

相关漏洞威胁

CVE-2003-050910.0

SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and g...

CVE-2009-311210.0

Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to ga...

CVE-2019-130269.8

OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker...

CVE-2019-170628.8

An issue was discovered in OXID eShop 6.x before 6.0.6 and 6.1.x before 6.1.5, OXID eShop Enterprise Edition Version 5.2.x-5.3.x, ...