Lucene search
China National Vulnerability DatabaseCNVD-2022-54964HistoryJun 15, 2022 - 12:00 a.m.
WordPress Ultimate Member plugin跨站脚本漏洞
2022-06-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
wordpress
cross-site scripting
vulnerability
plugin
version 2.3.2
php
mysql
attacker
EPSS
0.001
Percentile
49.8%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Ultimate Member plugin version 2.3.2 and earlier versions contain a cross-site scripting vulnerability that stems from insufficient input cleanup and output escaping. An attacker could exploit this vulnerability to encode malicious Web scripts using HTML coding and reflect them on the page.
Related
wpvulndb
wpvulndb
Ultimate Member < 2.4.0 - Subscriber+ Stored Cross-Site Scripting
2022-06-02 00:00:00
prion
prion
Cross site scripting
2022-06-13 13:15:00
cvelist
cvelist
CVE-2022-1208
2022-06-13 12:43:38
patchstack
patchstack
osv
osv
CVE-2022-1208
2022-06-13 13:15:10
cve
cve
CVE-2022-1208
2022-06-13 13:15:10
nvd
nvd
CVE-2022-1208
2022-06-13 13:15:10
openvas
openvas
WordPress Ultimate Member Plugin <= 2.3.2 XSS Vulnerability
2022-06-14 00:00:00