exploitDog

GHSA-68f6-rg69-q6mv

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

Ссылки

EPSS

Процентиль: 66%

0.00515

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2015-9519

CVSS3: 6.1

nvd

больше 6 лет назад

The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

EPSS

Процентиль: 66%

0.00515

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79