exploitDog

GHSA-mm26-p7j2-5frx

Опубликовано: 27 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting

The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting

Ссылки

EPSS

Процентиль: 28%

0.00099

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-1891

CVSS3: 6.1

nvd

больше 2 лет назад

The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting

EPSS

Процентиль: 28%

0.00099

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79