exploitDog

GHSA-cchx-3mjj-hjj4

Опубликовано: 12 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks

The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks

Ссылки

EPSS

Процентиль: 46%

0.00231

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-3935

CVSS3: 5.4

nvd

около 3 лет назад

The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks

EPSS

Процентиль: 46%

0.00231

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79