Lucene search
China National Vulnerability DatabaseCNVD-2022-57429HistoryMay 18, 2022 - 12:00 a.m.
WordPress Call Now Buttons plugin跨站脚本漏洞
2022-05-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
wordpress
call now buttons
plugin
cross-site scripting
vulnerability
php
javascript
client side
version 1.1.2
wordpress foundation
blogging platform
parameters escaping
input hiding
attacker exploit
EPSS
0.001
Percentile
40.2%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions of the WordPress Call Now Buttons plugin prior to 1.1.2, which stems from a failure to escape parameters before outputting them back to properties that hide the input. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
Related
prion
prion
Cross site scripting
2022-05-16 15:15:00
patchstack
patchstack
wpexploit
wpexploit
Call Now Button < 1.1.2 - Reflected Cross-Site Scripting
2022-04-25 00:00:00
wpvulndb
wpvulndb
Call Now Button < 1.1.2 - Reflected Cross-Site Scripting
2022-04-25 00:00:00
openvas
openvas
WordPress Call Now Button Plugin < 1.1.2 XSS Vulnerability
2023-10-04 00:00:00
cvelist
cvelist
CVE-2022-1455 Call Now Button < 1.1.2 - Reflected Cross-Site Scripting
2022-05-16 14:31:07
nvd
nvd
CVE-2022-1455
2022-05-16 15:15:09
cve
cve
CVE-2022-1455
2022-05-16 15:15:09