Lucene search
China National Vulnerability DatabaseCNVD-2022-56248HistoryJul 13, 2022 - 12:00 a.m.
WordPress WooCommerce-Product Importer plugin跨站脚本漏洞
2022-07-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
40.3%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress WooCommerce-Product Importer plugin, which stems from a failure to clean and escape imported data before exporting it back to the page. The vulnerability is caused by a failure to clean and escape the imported data before exporting it back to the page, which can be exploited to perform cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress woocommerce - product importer plugin | lt | 1.5.2 |
Related
cvelist
cvelist
prion
prion
Cross site scripting
2022-07-11 13:15:00
wpvulndb
wpvulndb
WooCommerce - Product Importer <= 1.5.2 - Reflected Cross-Site Scripting
2022-06-16 00:00:00
wpexploit
wpexploit
WooCommerce - Product Importer <= 1.5.2 - Reflected Cross-Site Scripting
2022-06-16 00:00:00
cve
cve
CVE-2022-1546
2022-07-11 13:15:08
nvd
nvd
CVE-2022-1546
2022-07-11 13:15:08