exploitDog

GHSA-3pr6-85rx-qpm8

Опубликовано: 22 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Meris WordPress theme through 1.1.2 does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

The Meris WordPress theme through 1.1.2 does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Ссылки

EPSS

Процентиль: 31%

0.00117

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-7194

CVSS3: 6.1

nvd

около 2 лет назад

The Meris WordPress theme through 1.1.2 does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

EPSS

Процентиль: 31%

0.00117

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79