Описание
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Catch Themes Essential Widgets essential-widgets allows Stored XSS.This issue affects Essential Widgets: from n/a through <= 2.2.2.
Уязвимые конфигурации
Конфигурация 1Версия до 2.3 (исключая)Версия до 2.8 (исключая)
Одно из
cpe:2.3:a:catchthemes:essential_widgets:*:*:*:*:free:wordpress:*:*
cpe:2.3:a:catchthemes:essential_widgets:*:*:*:*:pro:wordpress:*:*
EPSS
Процентиль: 11%
0.00039
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.5
github
2 месяца назад
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Catch Themes Essential Widgets essential-widgets allows Stored XSS.This issue affects Essential Widgets: from n/a through <= 2.2.2.
EPSS
Процентиль: 11%
0.00039
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-79