Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-j4p9-6rjr-3vwx

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the post_title parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview functionality.

Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the post_title parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview functionality.

Ссылки

EPSS

Процентиль: 70%
0.00625
Низкий

CVE ID

CVE-2012-6692

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2012-6692

nvd
больше 10 лет назад

Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the post_title parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview functionality.

EPSS

Процентиль: 70%
0.00625
Низкий

CVE ID

CVE-2012-6692

Дефекты

CWE-79