exploitDog

GHSA-7xm8-fw8m-2w46

Опубликовано: 22 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The SEO Plugin by Squirrly SEO WordPress plugin before 11.1.12 does not escape the type parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

The SEO Plugin by Squirrly SEO WordPress plugin before 11.1.12 does not escape the type parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

Ссылки

EPSS

Процентиль: 52%

0.00288

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-25019

CVSS3: 6.1

nvd

почти 4 года назад

The SEO Plugin by Squirrly SEO WordPress plugin before 11.1.12 does not escape the type parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

EPSS

Процентиль: 52%

0.00288

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79