exploitDog

CVE-2022-3194

Опубликовано: 16 янв. 2024

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators.

Ссылки

https://wpscan.com/vulnerability/85e32913-dc2a-44c9-addd-7abde618e995/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/85e32913-dc2a-44c9-addd-7abde618e995/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wedevs:dokan:*:*:*:*:*:wordpress:*:*

Версия до 3.6.4 (исключая)

EPSS

Процентиль: 49%

0.00255

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-5g8x-4pjj-p6fm

CVSS3: 5.4

github

около 2 лет назад

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators.

EPSS

Процентиль: 49%

0.00255

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79