exploitDog

CVE-2022-2753

Опубликовано: 19 сент. 2022

Источник: nvd

CVSS3: 6.1

EPSS Средний

Описание

The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not sanitise and escape some of the reservation user inputs, allowing unauthenticated attackers to perform Cross-Site Scripting attacks logged in admin viewing the malicious reservation made

Ссылки

https://wpscan.com/vulnerability/3c6cc46e-e18a-4f34-ac09-f30ca74a1182
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/3c6cc46e-e18a-4f34-ac09-f30ca74a1182
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ketchup_restaurant_reservations_project:ketchup_restaurant_reservations:*:*:*:*:*:wordpress:*:*

Версия до 1.0.0 (включая)

EPSS

Процентиль: 94%

0.15526

Средний

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-v5rq-cjqq-8jg9

CVSS3: 6.1

github

больше 3 лет назад

The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not sanitise and escape some of the reservation user inputs, allowing unauthenticated attackers to perform Cross-Site Scripting attacks logged in admin viewing the malicious reservation made

EPSS

Процентиль: 94%

0.15526

Средний

6.1 Medium

CVSS3

Дефекты

CWE-79