Описание
In the process of testing the MailPoet WordPress plugin before 5.3.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.3.2 (исключая)
cpe:2.3:a:automattic:mailpoet:*:*:*:*:free:wordpress:*:*
EPSS
Процентиль: 29%
0.00105
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
около 1 года назад
In the process of testing the MailPoet WordPress plugin before 5.3.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor
EPSS
Процентиль: 29%
0.00105
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79