exploitDog

GHSA-3xp6-pxgj-3wj7

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS because add_query_arg is misused.

The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS because add_query_arg is misused.

Ссылки

EPSS

Процентиль: 66%

0.00515

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2015-9505

CVSS3: 6.1

nvd

больше 6 лет назад

The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS because add_query_arg is misused.

EPSS

Процентиль: 66%

0.00515

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79