exploitDog

GHSA-338m-rx6v-qqv5

Опубликовано: 06 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The PDF Generator for WordPress plugin before 1.1.2 includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin

The PDF Generator for WordPress plugin before 1.1.2 includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin

Ссылки

EPSS

Процентиль: 92%

0.07872

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-4321

CVSS3: 6.1

nvd

около 3 лет назад

The PDF Generator for WordPress plugin before 1.1.2 includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin

BDU:2023-07475

CVSS3: 6.1

fstec

около 3 лет назад

Уязвимость библиотеки dompdf плагина PDF Generator системы управления содержимым сайта WordPress, позволяющая нарушителю проводить межсайтовые сценарные атаки

EPSS

Процентиль: 92%

0.07872

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79