Lucene search
China National Vulnerability DatabaseCNVD-2022-19798HistoryMar 09, 2022 - 12:00 a.m.
WordPress LoginPress Plugin Cross-Site Scripting Vulnerability
2022-03-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
0.001 Low
EPSS
Percentile
40.3%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress LoginPress Plugin prior to 1.5.12. The vulnerability stems from the plugin’s failure to escape redirect page parameters before outputting them back to the property, which can be exploited to execute JavaScript code on the client side .
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress loginpress plugin | lt | 1.5.12 |
Related
prion
prion
Cross site scripting
2022-03-07 09:15:00
nvd
nvd
CVE-2022-0347
2022-03-07 09:15:09
openvas
openvas
WordPress LoginPress Plugin < 1.5.12 XSS Vulnerability
2022-03-22 00:00:00
cve
cve
CVE-2022-0347
2022-03-07 09:15:09
wpvulndb
wpvulndb
LoginPress < 1.5.12 - Reflected Cross-Site Scripting
2022-02-14 00:00:00
cvelist
cvelist
CVE-2022-0347 LoginPress < 1.5.12 - Reflected Cross-Site Scripting
2022-03-07 08:16:26
wpexploit
wpexploit
LoginPress < 1.5.12 - Reflected Cross-Site Scripting
2022-02-14 00:00:00