Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-103355
HistoryDec 28, 2021 - 12:00 a.m.

WordPress Tickera plugin cross-site scripting vulnerability

2021-12-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
4

0.001 Low

EPSS

Percentile

45.7%

WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.Tickera plugin in versions prior to 3.4.8.3 suffers from a cross-site scripting vulnerability, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.

CPENameOperatorVersion
WordPress Tickera <3.eq4.8.3

0.001 Low

EPSS

Percentile

45.7%