exploitDog

GHSA-whpx-fg6m-254m

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The Weather Effect WordPress plugin before 1.3.6 does not properly validate and escape some of its settings (like *_size_leaf, *_flakes_leaf, *_speed) which could lead to Stored Cross-Site Scripting issues

The Weather Effect WordPress plugin before 1.3.6 does not properly validate and escape some of its settings (like *_size_leaf, *_flakes_leaf, *_speed) which could lead to Stored Cross-Site Scripting issues

Ссылки

EPSS

Процентиль: 51%

0.00282

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-24709

CVSS3: 4.8

nvd

больше 4 лет назад

The Weather Effect WordPress plugin before 1.3.6 does not properly validate and escape some of its settings (like *_size_leaf, *_flakes_leaf, *_speed) which could lead to Stored Cross-Site Scripting issues

EPSS

Процентиль: 51%

0.00282

Низкий

CVE ID

Дефекты

CWE-79