Описание
Cross-site scripting (XSS) vulnerability in the Easing Slider plugin before 2.2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the (1) easingslider_manage_customizations or (2) easingslider_edit_sliders page to wp-admin/admin.php.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- VDB Entry
- PatchRelease Notes
- Exploit
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- VDB Entry
- PatchRelease Notes
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 2.2.0.6 (включая)
cpe:2.3:a:easing_slider_project:easing_slider:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 56%
0.00336
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in the Easing Slider plugin before 2.2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the (1) easingslider_manage_customizations or (2) easingslider_edit_sliders page to wp-admin/admin.php.
EPSS
Процентиль: 56%
0.00336
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79