exploitDog

CVE-2022-4897

Опубликовано: 21 фев. 2023

Источник: nvd

CVSS3: 6.1

EPSS Средний

Описание

The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting

Ссылки

https://wpscan.com/vulnerability/7b0eeafe-b9bc-43b2-8487-a23d3960f73f
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/7b0eeafe-b9bc-43b2-8487-a23d3960f73f
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ithemes:backupbuddy:*:*:*:*:*:wordpress:*:*

Версия до 8.8.3 (исключая)

EPSS

Процентиль: 94%

0.13401

Средний

6.1 Medium

CVSS3

Дефекты

Связанные уязвимости

GHSA-p8wr-66q2-pvj4

CVSS3: 6.1

github

почти 3 года назад

The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting

EPSS

Процентиль: 94%

0.13401

Средний

6.1 Medium

CVSS3

Дефекты