exploitDog

GHSA-3xxh-w577-324m

Опубликовано: 21 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks.

The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks.

Ссылки

EPSS

Процентиль: 34%

0.00138

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-36656

CVSS3: 5.4

nvd

почти 3 года назад

The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks.

EPSS

Процентиль: 34%

0.00138

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79