exploitDog

GHSA-mrhx-67q5-9qc4

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple XSS vulnerabilities in the Final Tiles Gallery plugin before 3.4.19 for WordPress allow remote attackers to inject arbitrary web script or HTML via the Title (aka imageTitle) or Caption (aka description) field of an image to wp-admin/admin-ajax.php.

Multiple XSS vulnerabilities in the Final Tiles Gallery plugin before 3.4.19 for WordPress allow remote attackers to inject arbitrary web script or HTML via the Title (aka imageTitle) or Caption (aka description) field of an image to wp-admin/admin-ajax.php.

Ссылки

EPSS

Процентиль: 37%

0.00159

Низкий

CVE ID

Связанные уязвимости

CVE-2020-14962

CVSS3: 5.4

nvd

больше 5 лет назад

Multiple XSS vulnerabilities in the Final Tiles Gallery plugin before 3.4.19 for WordPress allow remote attackers to inject arbitrary web script or HTML via the Title (aka imageTitle) or Caption (aka description) field of an image to wp-admin/admin-ajax.php.

EPSS

Процентиль: 37%

0.00159

Низкий

CVE ID