CVSS 3.1 Score 3.5 of 10 (low)


Published Apr 21, 2024
Updated: Apr 22, 2024


A cross-site scripting vulnerability, identified as CVE-2015-10132, has been found in Thimo Grauerholz WP-Spreadplugin up to version on WordPress. This vulnerability affects the spreadplugin.php file and can be exploited remotely, allowing for potential cross-site scripting attacks. The issue can be addressed by upgrading to version, which includes a patch with the identifier a9b9afc641854698e80aa5dd9ababfc8e0e57d69. The affected products are vi-yOO and vi-yOP. The vulnerability has a base severity rating of LOW and a CVSS score of 3.5, with an exploitability score of 2.1 out of 10. It is important for organizations using the affected component to upgrade to the patched version to mitigate the risk of exploitation and potential compromise of system integrity.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2015-10132 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options