What is the severity of CVE-2015-10120?

CVE-2015-10120 is classified as a problematic vulnerability.

How do I fix CVE-2015-10120?

To fix CVE-2015-10120, update the WDS Multisite Aggregate Plugin to a version later than 1.0.0.

What systems are affected by CVE-2015-10120?

CVE-2015-10120 affects the WDS Multisite Aggregate Plugin versions up to 1.0.0 on WordPress.

What type of vulnerability is CVE-2015-10120?

CVE-2015-10120 is a cross-site scripting vulnerability.

Which function is impacted in CVE-2015-10120?

The function impacted by CVE-2015-10120 is update_options in the file includes/WDS_Multisite_Aggregate_Options.php.

Vulnerability/
CVE-2015-10120

medium

6.1

CWE

10/7/2023

6/8/2024

CVE-2015-10120: WDS Multisite Aggregate Plugin WDS_Multisite_Aggregate_Options.php update_options cross site scripting

First published: Mon Jul 10 2023(Updated: )

A vulnerability, which was classified as problematic, was found in WDS Multisite Aggregate Plugin up to 1.0.0 on WordPress. Affected is the function update_options of the file includes/WDS_Multisite_Aggregate_Options.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0.1 is able to address this issue. The name of the patch is 49e0bbcb6ff70e561365d9e0d26426598f63ca12. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-233364.

Credit: cna@vuldb.com

Affected Software	Affected Version	How to fix
Webdevstudios Wds Multisite Aggregate	<=1.0.0
	<=1.0.0

Remedy

https://github.com/wp-plugins/wds-multisite-aggregate/commit/49e0bbcb6ff70e561365d9e0d26426598f63ca12

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-10120?
CVE-2015-10120 is classified as a problematic vulnerability.
How do I fix CVE-2015-10120?
To fix CVE-2015-10120, update the WDS Multisite Aggregate Plugin to a version later than 1.0.0.
What systems are affected by CVE-2015-10120?
CVE-2015-10120 affects the WDS Multisite Aggregate Plugin versions up to 1.0.0 on WordPress.
What type of vulnerability is CVE-2015-10120?
CVE-2015-10120 is a cross-site scripting vulnerability.
Which function is impacted in CVE-2015-10120?
The function impacted by CVE-2015-10120 is update_options in the file includes/WDS_Multisite_Aggregate_Options.php.

collector/nvd-index
agent/type
agent/weakness
agent/remedy
agent/references
agent/description
agent/softwarecombine
collector/nvd-api
source/NVD
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/title
agent/severity
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-latest
agent/software-canonical-lookup-request
agent/author
vendor/webdevstudios
canonical/webdevstudios wds multisite aggregate
version/webdevstudios wds multisite aggregate/1.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.