CVE-2021-24955

Опубликовано: 13 дек. 2021

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not escape the data parameter of the pp_get_forms_by_builder_type AJAX action before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue

Ссылки

https://plugins.trac.wordpress.org/changeset/2626573/
Patch
Third Party Advisory
https://wpscan.com/vulnerability/e8005d4d-41c3-451d-b85a-2626decaa080
Exploit
Third Party Advisory
https://plugins.trac.wordpress.org/changeset/2626573/
Patch
Third Party Advisory
https://wpscan.com/vulnerability/e8005d4d-41c3-451d-b85a-2626decaa080
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:profilepress:user_registration\,_login_form\,_user_profile_\&_membership:*:*:*:*:*:wordpress:*:*

Версия до 3.2.3 (исключая)

EPSS

Процентиль: 44%

0.00216

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-mg7h-r8f5-67xj

github

около 4 лет назад