CVE-2017-20108
LOWEasy Table Plugin < 1.6 - Cross-Site Scripting via options-general.php Input
Title source: llmDescription
A vulnerability classified as problematic has been found in Easy Table Plugin 1.6. This affects an unknown part of the file /wordpress/wp-admin/options-general.php. The manipulation with the input "><script>alert(1)</script> leads to basic cross site scripting. It is possible to initiate the attack remotely.
References (2)
Core 2
Core References
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2017/Feb/24
Third Party Advisory x_refsource_misc
https://vuldb.com/?id.97119
Scores
CVSS v3
3.5
EPSS
0.0054
EPSS Percentile
40.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-80
CWE-79
Status
published
Products (1)
easy_table_project/easy_table
< 1.6
Published
Jun 29, 2022
Tracked Since
Feb 18, 2026