WordPress 跨站脚本漏洞

🗓️ 06 Jan 2022 00:00:00Reported by China National Vulnerability Database of Information SecurityType

cnnvd

cnnvd🔗 www.cnnvd.org.cn👁 3 Views

WordPress versions before 5.8.3 have a cross site scripting vulnerability enabling stored XSS due to improper data validation.

Reporter	Title	Published	Views	Family All 43
ATTACKERKB	CVE-2022-21662	6 Jan 202200:00	–	attackerkb
Circl	CVE-2022-21662	7 Jan 202202:16	–	circl
CNVD	WordPress Cross-Site Scripting Vulnerability (CNVD-2022-03210)	8 Jan 202200:00	–	cnvd
Check Point Advisories	WordPress Core Cross-Site Scripting (CVE-2022-21662)	17 Nov 202200:00	–	checkpoint_advisories
CVE	CVE-2022-21662	6 Jan 202223:05	–	cve
Cvelist	CVE-2022-21662 Stored XSS in WordPress	6 Jan 202223:05	–	cvelist
Debian	[SECURITY] [DLA 2884-1] wordpress security update	23 Jan 202219:09	–	debian
Debian	[SECURITY] [DSA 5039-1] wordpress security update	11 Jan 202210:13	–	debian
Debian CVE	CVE-2022-21662	6 Jan 202223:05	–	debiancve
Tenable Nessus	Debian DLA-2884-1 : wordpress - LTS security update	23 Jan 202200:00	–	nessus

Source	Link
github	www.github.com/WordPress/wordpress-develop/security/advisories/GHSA-699q-3hj9-889w
lists	www.lists.debian.org/debian-lts-announce/2022/01/msg00019.html
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/
wordpress	www.wordpress.org/news/2022/01/wordpress-5-8-3-security-release/
debian	www.debian.org/security/2022/dsa-5039
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/
packetstormsecurity	www.packetstormsecurity.com/files/169199/Debian-Security-Advisory-5039-1.html
vigilance	www.vigilance.fr/vulnerability/WordPress-Core-four-vulnerabilities-37188
auscert	www.auscert.org.au/bulletins/ESB-2022.0096

23 May 2026 00:00Current

5.3Medium risk

Vulners AI Score5.3

CVSS 23.5

CVSS 3.15.4 - 8

EPSS0.14241

SSVC

WordPress cross site scripting stored cross site scripting vulnerability data validation