Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-8c75-f543-x943

Опубликовано: 03 янв. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 6.1

Описание

The WP-Lister Lite for Amazon WordPress plugin before 2.4.4 does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high-privilege users such as admin.

The WP-Lister Lite for Amazon WordPress plugin before 2.4.4 does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high-privilege users such as admin.

Ссылки

EPSS

Процентиль: 44%
0.00218
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-4369

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2022-4369

CVSS3: 6.1
nvd
около 3 лет назад

The WP-Lister Lite for Amazon WordPress plugin before 2.4.4 does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high-privilege users such as admin.

EPSS

Процентиль: 44%
0.00218
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-4369

Дефекты

CWE-79