Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-hqvg-xqpv-4p9r

Опубликовано: 31 июл. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 6.1

Описание

The Forminator WordPress plugin before 1.24.4 does not properly escape values that are being reflected inside form fields that use pre-populated query parameters, which could lead to reflected XSS attacks.

The Forminator WordPress plugin before 1.24.4 does not properly escape values that are being reflected inside form fields that use pre-populated query parameters, which could lead to reflected XSS attacks.

Ссылки

EPSS

Процентиль: 31%
0.00117
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2023-3134

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2023-3134

CVSS3: 6.1
nvd
больше 2 лет назад

The Forminator WordPress plugin before 1.24.4 does not properly escape values that are being reflected inside form fields that use pre-populated query parameters, which could lead to reflected XSS attacks.

EPSS

Процентиль: 31%
0.00117
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2023-3134

Дефекты

CWE-79