Описание
Multiple cross-site scripting (XSS) vulnerabilities in admin/swarm-settings.php in the Bugs Go Viral : Facebook Promotion Generator (fbpromotions) plugin 1.3.4 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) promo_type, (2) fb_edit_action, or (3) promo_id parameter.
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.4 (включая)
cpe:2.3:a:fbpromotions_project:fbpromotions:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 39%
0.00174
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Multiple cross-site scripting (XSS) vulnerabilities in admin/swarm-settings.php in the Bugs Go Viral : Facebook Promotion Generator (fbpromotions) plugin 1.3.4 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) promo_type, (2) fb_edit_action, or (3) promo_id parameter.
EPSS
Процентиль: 39%
0.00174
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79