exploitDog

CVE-2022-3739

Опубликовано: 16 янв. 2024

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

The WP Best Quiz WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks.

Ссылки

https://wpscan.com/vulnerability/b9f39ced-1e0f-4559-b861-39ddcbcd1249/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/b9f39ced-1e0f-4559-b861-39ddcbcd1249/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:subina:wp_best_quiz:*:*:*:*:*:wordpress:*:*

Версия до 1.0 (включая)

EPSS

Процентиль: 82%

0.01813

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-fv65-3wh4-c445

CVSS3: 5.4

github

около 2 лет назад

The WP Best Quiz WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks.

EPSS

Процентиль: 82%

0.01813

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79