Lucene search
China National Vulnerability DatabaseCNVD-2022-55732HistoryJun 15, 2022 - 12:00 a.m.
WordPress Google Places Reviews plugin跨站脚本漏洞
2022-06-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
25.0%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions of the WordPress Google Places Reviews plugin prior to 2.0.0, which stems from the plugin not properly escaping its Google API key setting. An attacker could use this vulnerability to trick super administrators into viewing the booby-trapped payload and take over their accounts.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress google places reviews plugin | lt | 2.0.0 |
Related
nvd
nvd
CVE-2022-1772
2022-06-13 13:15:12
cve
cve
CVE-2022-1772
2022-06-13 13:15:12
wpexploit
wpexploit
Google Places Review < 2.0.0 - Admin+ Stored Cross Site Scripting
2022-05-17 00:00:00
cvelist
cvelist
CVE-2022-1772 Google Places Review < 2.0.0 - Admin+ Stored Cross Site Scripting
2022-06-13 12:42:45
patchstack
patchstack
wpvulndb
wpvulndb
Google Places Review < 2.0.0 - Admin+ Stored Cross Site Scripting
2022-05-17 00:00:00
prion
prion
Cross site scripting
2022-06-13 13:15:00