CVE-2020-15363
23Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 5.9%
from disclosure to weapon24 days
Published on NVDJun 28
1st PoC+24d
exploitation probability
5.9%top 8% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/158510/WordPress-NexosReal-Estate-Theme-1.7-Cross-Site-Scripting-SQL-Injection.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48682unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/158510/WordPress-NexosReal-Estate-Theme-1.7-Cross-Site-Scripting-SQL-Injection.htmlhttps://github.com/vladvector/vladvector.github.io/blob/master/exploit/2020-06-17-nexos-real-estate-wordpress-theme-v1-7.txthttps://themeforest.net/item/nexos-real-estate-agency-directory/21126242