CVE-2017-20177
Last modified
CVE-2017-20177 is a medium-severity vulnerability rated 6.1/10 on the CVSS scale. A vulnerability, which was classified as problematic, has been found in WangGuard Plugin 1.8.0 on WordPress. Affected by this issue is the function wangguard_users_info of the file wangguard-user-info.php of the component WGG User List Handler. EPSS estimates a 0.64% chance of exploitation in the next 30 days.
Description
A vulnerability, which was classified as problematic, has been found in WangGuard Plugin 1.8.0 on WordPress. Affected by this issue is the function wangguard_users_info of the file wangguard-user-info.php of the component WGG User List Handler. The manipulation of the argument userIP leads to cross site scripting. The attack may be launched remotely. The patch is identified as 88414951e30773c8d2ec13b99642688284bf3189. It is recommended to apply a patch to fix this issue. VDB-220214 is the identifier assigned to this vulnerability.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Wangguard Project | Wangguard | 1.8.0 |
References
- https://github.com/joseconti/WangGuard/pull/14Issue Tracking, Patch
- https://vuldb.com/?ctiid.220214Permissions Required, Third Party Advisory
- https://vuldb.com/?id.220214Third Party Advisory
- https://github.com/joseconti/WangGuard/pull/14Issue Tracking, Patch
- https://vuldb.com/?ctiid.220214Permissions Required, Third Party Advisory
- https://vuldb.com/?id.220214Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-20177?
How severe is CVE-2017-20177?
How do I fix CVE-2017-20177?
Are you affected by CVE-2017-20177?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST