Lucene search
China National Vulnerability DatabaseCNVD-2022-19789HistoryMar 09, 2022 - 12:00 a.m.
WordPress WP Cerber Security, Anti-spam & Malware Scan Plugin Cross-Site Scripting Vulnerability
2022-03-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.001 Low
EPSS
Percentile
44.4%
WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress WP Cerber Security, Anti-spam & Malware Scan Plugin prior to version 8.9.6, which stems from the fact that the $url variable is not cleaned up before it is used in the plugin dashboard’s Properties in the “Active” tab of the plugin dashboard are not cleaned up before being used. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wp cerber security, anti-spam & malware scan plugin | lt | 8.9.6 |
Related
wpvulndb
wpvulndb
cvelist
cvelist
nvd
nvd
CVE-2022-0429
2022-03-07 09:15:09
cve
cve
CVE-2022-0429
2022-03-07 09:15:09
wpexploit
wpexploit
patchstack
patchstack
openvas
openvas
prion
prion
Cross site scripting
2022-03-07 09:15:00