exploitDog

GHSA-g7r4-c4q3-g2pj

Опубликовано: 03 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Content Egg WordPress plugin before 5.3.0 does not sanitise and escape the page parameter before outputting back in an attribute in the Autoblogging admin dashboard, leading to a Reflected Cross-Site Scripting

The Content Egg WordPress plugin before 5.3.0 does not sanitise and escape the page parameter before outputting back in an attribute in the Autoblogging admin dashboard, leading to a Reflected Cross-Site Scripting

Ссылки

EPSS

Процентиль: 52%

0.0029

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-0428

CVSS3: 6.1

nvd

почти 4 года назад

The Content Egg WordPress plugin before 5.3.0 does not sanitise and escape the page parameter before outputting back in an attribute in the Autoblogging admin dashboard, leading to a Reflected Cross-Site Scripting

EPSS

Процентиль: 52%

0.0029

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79