| ID |
CVE-2019-25315
|
| Sažetak |
WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files with embedded XSS payloads that will execute when viewed in the WordPress admin interface. |
| Reference |
|
| CVSS |
| Base: | 6.4 |
| Impact: | 2.7 |
| Exploitability: | 3.1 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| NETWORK |
LOW |
LOW |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| LOW |
LOW |
NONE |
|
| CVSS vektor |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
| Zadnje važnije ažuriranje |
11-02-2026 - 15:27 |
| Objavljeno |
11-02-2026 - 15:16 |
