exploitDog

GHSA-g5gm-qgrx-3h7c

Опубликовано: 31 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The EventPrime WordPress plugin before 3.2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to an HTML Injection on the plugin in the search area of the website.

The EventPrime WordPress plugin before 3.2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to an HTML Injection on the plugin in the search area of the website.

Ссылки

EPSS

Процентиль: 48%

0.00245

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-5238

CVSS3: 6.1

nvd

больше 2 лет назад

The EventPrime WordPress plugin before 3.2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to an HTML Injection on the plugin in the search area of the website.

EPSS

Процентиль: 48%

0.00245

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79