Search

Find a vulnerability

Search criteria

    3 vulnerabilities found for PixelYourSite by Minimal Work SRL

    CVE-2018-0578 (GCVE-0-2018-0578)

    Vulnerability from nvd – Published: 2018-05-14 13:00 – Updated: 2024-08-05 03:28
    VLAI
    Summary
    Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    URL Tags
    https://wordpress.org/plugins/pixelyoursite/#developers x_refsource_CONFIRM
    http://jvn.jp/en/jp/JVN61081552/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    Minimal Work SRL PixelYourSite Affected: prior to version 5.3.0
    Create a notification for this product.
    Date Public
    2018-04-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:28:11.128Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/pixelyoursite/#developers"
              },
              {
                "name": "JVN#61081552",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN61081552/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PixelYourSite",
              "vendor": "Minimal Work SRL",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to version 5.3.0"
                }
              ]
            }
          ],
          "datePublic": "2018-04-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-05-14T12:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wordpress.org/plugins/pixelyoursite/#developers"
            },
            {
              "name": "JVN#61081552",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN61081552/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-0578",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PixelYourSite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to version 5.3.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Minimal Work SRL"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/pixelyoursite/#developers",
                  "refsource": "CONFIRM",
                  "url": "https://wordpress.org/plugins/pixelyoursite/#developers"
                },
                {
                  "name": "JVN#61081552",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN61081552/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-0578",
        "datePublished": "2018-05-14T13:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:28:11.128Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0578 (GCVE-0-2018-0578)

    Vulnerability from cvelistv5 – Published: 2018-05-14 13:00 – Updated: 2024-08-05 03:28
    VLAI
    Summary
    Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    URL Tags
    https://wordpress.org/plugins/pixelyoursite/#developers x_refsource_CONFIRM
    http://jvn.jp/en/jp/JVN61081552/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    Minimal Work SRL PixelYourSite Affected: prior to version 5.3.0
    Create a notification for this product.
    Date Public
    2018-04-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:28:11.128Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/pixelyoursite/#developers"
              },
              {
                "name": "JVN#61081552",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN61081552/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PixelYourSite",
              "vendor": "Minimal Work SRL",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to version 5.3.0"
                }
              ]
            }
          ],
          "datePublic": "2018-04-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-05-14T12:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wordpress.org/plugins/pixelyoursite/#developers"
            },
            {
              "name": "JVN#61081552",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN61081552/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-0578",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PixelYourSite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to version 5.3.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Minimal Work SRL"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/pixelyoursite/#developers",
                  "refsource": "CONFIRM",
                  "url": "https://wordpress.org/plugins/pixelyoursite/#developers"
                },
                {
                  "name": "JVN#61081552",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN61081552/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-0578",
        "datePublished": "2018-05-14T13:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:28:11.128Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    JVNDB-2018-000039

    Vulnerability from jvndb - Published: 2018-04-27 14:24 - Updated:2018-08-30 11:55
    Severity
    Summary
    WordPress plugin "PixelYourSite" vulnerable to cross-site scripting
    Details
    The WordPress plugin "PixelYourSite" provided by Minimal Work SRL contains a reflected cross-site scripting vulnerability (CWE-79). Chris Liu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000039.html",
      "dc:date": "2018-08-30T11:55+09:00",
      "dcterms:issued": "2018-04-27T14:24+09:00",
      "dcterms:modified": "2018-08-30T11:55+09:00",
      "description": "The WordPress plugin \"PixelYourSite\" provided by Minimal Work SRL contains a reflected cross-site scripting vulnerability (CWE-79).\r\n\r\nChris Liu reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000039.html",
      "sec:cpe": {
        "#text": "cpe:/a:misc:minimal_work_srl_pixelyoursite",
        "@product": "PixelYourSite",
        "@vendor": "Minimal Work SRL",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "2.6",
          "@severity": "Low",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "6.1",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2018-000039",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN61081552/index.html",
          "@id": "JVN#61081552",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0578",
          "@id": "CVE-2018-0578",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0578",
          "@id": "CVE-2018-0578",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "WordPress plugin \"PixelYourSite\" vulnerable to cross-site scripting"
    }