exploitDog

GHSA-vvmg-r8xj-p43w

Опубликовано: 19 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Easy Social Feed Free and Pro WordPress plugins before 6.2.7 do not sanitise some of their parameters used via AJAX actions before outputting them back in the response, leading to Reflected Cross-Site Scripting issues

The Easy Social Feed Free and Pro WordPress plugins before 6.2.7 do not sanitise some of their parameters used via AJAX actions before outputting them back in the response, leading to Reflected Cross-Site Scripting issues

Ссылки

EPSS

Процентиль: 98%

0.54081

Средний

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-25120

CVSS3: 6.1

nvd

почти 4 года назад

The Easy Social Feed Free and Pro WordPress plugins before 6.2.7 do not sanitise some of their parameters used via AJAX actions before outputting them back in the response, leading to Reflected Cross-Site Scripting issues

EPSS

Процентиль: 98%

0.54081

Средний

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79