exploitDog

GHSA-r7g7-rfqf-6fx5

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The â€œAll-in-One Addons for Elementor â€“ WidgetKitâ€? WordPress Plugin before 2.3.10 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

The â€œAll-in-One Addons for Elementor â€“ WidgetKitâ€? WordPress Plugin before 2.3.10 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

Ссылки

EPSS

Процентиль: 45%

0.00222

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-24267

CVSS3: 5.4

nvd

почти 5 лет назад

The “All-in-One Addons for Elementor – WidgetKit” WordPress Plugin before 2.3.10 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

EPSS

Процентиль: 45%

0.00222

Низкий

CVE ID

Дефекты

CWE-79