Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-vq94-fv6j-x393

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin before 1.1.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) message, (2) photo-message, or (3) youtube-message parameter.

Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin before 1.1.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) message, (2) photo-message, or (3) youtube-message parameter.

Ссылки

EPSS

Процентиль: 89%
0.04745
Низкий

CVE ID

CVE-2013-3529

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2013-3529

nvd
около 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin before 1.1.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) message, (2) photo-message, or (3) youtube-message parameter.

EPSS

Процентиль: 89%
0.04745
Низкий

CVE ID

CVE-2013-3529

Дефекты

CWE-79