CVE-2017-9420
Published Jun 5, 2017
Last updated 7 years ago
Overview
- Description
- Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.0.0:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "B48BA7E9-1C6A-4497-A4D6-54328F7BF932"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.0.1:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "4B4A24B2-EF01-4A17-A6CF-813475D21227"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.0.2a:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "60EE3105-9B64-4F6B-B9F6-9C24098721FC"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.0.3:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "013E5373-DB1D-4755-886C-1B52CCA65F6A"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.0:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "5885F052-6919-4BA8-9369-BF950BCA6C27"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.1:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "72EED180-74B8-4FEE-90D2-A92DA6F8A0C7"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.2:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "2B9862E0-A08D-4A48-B21C-566FFF18BED3"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.3:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "DAD97A2D-A21F-4063-832F-99031B313858"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.4:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "5F470C95-E624-4891-B61E-475599994AB4"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.5:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "E95096B1-5542-43CD-9B97-49C7F70CA23F"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.6:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "2FC4484F-C0E2-4351-89FE-53EC17EA5AE0"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.7:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "5EE2F989-D73F-49E4-A50A-2627CAC7ED26"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.8:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "125477F4-CBFC-4B5D-A671-0B06A4A35FB7"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.2.0:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "58FB758D-EC2B-4B2A-9A3D-FC62B9D0F016"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.2.1:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "BB4825D9-F7A3-4F17-87A4-FB2BA700BF36"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.3.0:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "39305F07-2412-4399-A0F9-E73A60E166FB"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:1.3.1:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "71522FBE-957B-499E-8E0A-E72B92BEAD4E"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:2.0.0:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "1CB51901-2BD8-46FE-B168-1BC34F60EC73"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:2.0.1:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "83EB9CA8-6A72-4C8B-AAB9-8F988AFBCFC8"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:2.1.0:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "1A46D334-F27A-4172-95DB-87676710CA3C"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:2.1.1:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "C77BA87F-A6D4-4AD4-8809-008DA3AB3900"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:2.1.2:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "0E577878-34D0-4BA3-BE25-EDF8561CB510"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:2.1.3:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "89D1B1B6-1A3A-4A6A-B0B3-1BCFE9538571"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.0:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "BC255E43-9EF6-4C39-A761-118971E01F31"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.1:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "D6F8972B-3E0E-4913-8122-36E3444D7F40"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.2:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "96DDE807-A788-410E-8260-DCF264AC476D"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.3:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "49E4DA3E-47F3-40E5-B461-004EA68AA65C"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.4:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "C9C04C0E-8FE1-4E87-AB18-30CB6CF30E88"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.5:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "8252FE9F-5AAC-49CB-942F-FA3A56CABD85"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.6:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "D473CCD0-BEA4-4EE0-94E8-A88C157C3AAC"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.7:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "99AA5CF4-183D-43AE-B7BC-4C25334E0DA0"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.8:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "70F92E8E-F523-46BC-9533-4CD3419708E6"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.0:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "0E64E631-BAB1-4B44-A903-857A6867D9B0"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.1:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "BF5B4727-50D6-4B83-8312-424BAF042B4A"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.2:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "14813E8C-241B-42FA-AD2C-987B9A2BA792"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.3:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "3EF26C4F-0F25-400E-A21D-69E98C9E0F92"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.4:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "459555CA-2058-4692-9731-13894404685E"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.5:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "D3DE567C-E274-4E64-AD9B-134381E50CEA"
},
{
"criteria": "cpe:2.3:a:sunnythemes:spiffy_calendar:3.2.0:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "F15F8FE3-56F3-43A4-BBED-66060D43BBC6"
}
],
"operator": "OR"
}
]
}
]