exploitDog

GHSA-2w93-2cv6-8w7c

Опубликовано: 23 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.8

Описание

The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks.

The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks.

Ссылки

EPSS

Процентиль: 53%

0.00298

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-2361

CVSS3: 4.8

nvd

больше 3 лет назад

The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks.

EPSS

Процентиль: 53%

0.00298

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79