Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-1977

Опубликовано: 29 фев. 2024
Источник: nvd
CVSS3: 4.4
CVSS3: 4.8
EPSS Низкий

Описание

The Restaurant Solutions – Checklist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Checklist points in version 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:josephlopreste:restaurant_solutions_-_checklist:1.0.0:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 60%
0.00402
Низкий

4.4 Medium

CVSS3

4.8 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

github логотип

GHSA-p7f2-66rr-gm45

CVSS3: 4.4
github
почти 2 года назад

The Restaurant Solutions – Checklist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Checklist points in version 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

EPSS

Процентиль: 60%
0.00402
Низкий

4.4 Medium

CVSS3

4.8 Medium

CVSS3

Дефекты

CWE-79