CVE-2018-20462
MEDIUM NUCLEIJsmol2wp - XSS
Title source: ruleDescription
An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the jsmol.php data parameter.
Nuclei Templates (1)
WordPress JSmol2WP <=1.07 - Cross-Site Scripting
MEDIUMby daffainfo
Scores
CVSS v3
6.1
EPSS
0.0491
EPSS Percentile
89.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
jsmol2wp_project/jsmol2wp
1.07
Published
Dec 25, 2018
Tracked Since
Feb 18, 2026