Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-mcf6-w793-99gq

Опубликовано: 17 сент. 2022
Источник: github
Github: Не прошло ревью
CVSS3: 6.1

Описание

The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10) do not escape a parameter before outputting it back in attributes, leading to Reflected Cross-Site Scripting

The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10) do not escape a parameter before outputting it back in attributes, leading to Reflected Cross-Site Scripting

Ссылки

EPSS

Процентиль: 54%
0.00314
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-2654

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2022-2654

CVSS3: 6.1
nvd
больше 3 лет назад

The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10) do not escape a parameter before outputting it back in attributes, leading to Reflected Cross-Site Scripting

EPSS

Процентиль: 54%
0.00314
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-2654

Дефекты

CWE-79