Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Unknown | grid-kit-premium | unaffected |
|
Configuration 1 [-]
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-43967 | The grid-kit-premium WordPress plugin before 2.2.0 does not escape some parameters as well as generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin |
Thu, 17 Oct 2024 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:wpsofts:portfolio_gallery\,_product_catalog_-_grid_kit_portfolio:-:*:*:*:*:wordpress:*:* | |
| Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2024-10-17T20:59:55.146Z
Reserved: 2023-06-16T08:26:07.461Z
Link: CVE-2023-3292
Vulnrichment
Updated: 2024-08-02T06:48:08.610Z
NVD
Status : Modified
Published: 2023-07-31T10:15:10.577
Modified: 2024-11-21T08:16:56.640
Link: CVE-2023-3292
Redhat
No data.
OpenCVE Enrichment
No data.
No weakness.