exploitDog

CVE-2023-0764

Опубликовано: 17 апр. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scription vulnerability. The attacker must have at least the privileges of the Author role.

Ссылки

https://wpscan.com/vulnerability/d48c6c50-3734-4191-9833-0d9b09b1bd8a
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/d48c6c50-3734-4191-9833-0d9b09b1bd8a
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bestwebsoft:gallery:*:*:*:*:*:wordpress:*:*

Версия до 4.7.0 (исключая)

EPSS

Процентиль: 34%

0.00137

Низкий

5.4 Medium

CVSS3

Дефекты

Связанные уязвимости

GHSA-52x4-hjxq-qrcm

CVSS3: 5.4

github

почти 3 года назад

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scription vulnerability. The attacker must have at least the privileges of the Author role.

EPSS

Процентиль: 34%

0.00137

Низкий

5.4 Medium

CVSS3

Дефекты