Описание
The FunnelKit WordPress plugin before 3.12.0.1 does not sanitize user input before echoing it back in some of its checkout-related AJAX actions, allowing attackers to conduct reflected XSS attacks against logged-in users.
EPSS
Процентиль: 14%
0.00045
Низкий
6.3 Medium
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 6.3
github
3 месяца назад
The FunnelKit WordPress plugin before 3.12.0.1 does not sanitize user input before echoing it back in some of its checkout-related AJAX actions, allowing attackers to conduct reflected XSS attacks against logged-in users.
EPSS
Процентиль: 14%
0.00045
Низкий
6.3 Medium
CVSS3