Описание
The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks.
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.0 (включая)
cpe:2.3:a:help_desk_wp_project:help_desk_wp:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 26%
0.00092
Низкий
5.4 Medium
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 5.4
github
больше 2 лет назад
The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks.
EPSS
Процентиль: 26%
0.00092
Низкий
5.4 Medium
CVSS3