Описание
The Article Directory WordPress plugin through 1.3 does not properly sanitize the publish_terms_text setting before displaying it in the administration panel, which may enable administrators to conduct Stored XSS attacks in multisite contexts.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3 (включая)
cpe:2.3:a:article_directory_project:article_directory:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 30%
0.00112
Низкий
4.8 Medium
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 4.8
github
почти 3 года назад
The Article Directory WordPress plugin through 1.3 does not properly sanitize the `publish_terms_text` setting before displaying it in the administration panel, which may enable administrators to conduct Stored XSS attacks in multisite contexts.
EPSS
Процентиль: 30%
0.00112
Низкий
4.8 Medium
CVSS3