exploitDog

GHSA-5g8x-4pjj-p6fm

Опубликовано: 16 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators.

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators.

Ссылки

EPSS

Процентиль: 49%

0.00255

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-3194

CVSS3: 5.4

nvd

около 2 лет назад

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators.

EPSS

Процентиль: 49%

0.00255

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79