Lucene search
China National Vulnerability DatabaseCNVD-2022-59803HistoryMay 07, 2022 - 12:00 a.m.
WordPress AdRotate plugin cross-site scripting vulnerability (CNVD-2022-59803)
2022-05-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
0.001 Low
EPSS
Percentile
24.9%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. Cross-site scripting vulnerabilities exist in versions of WordPress AdRotate plugin prior to 5.8.23. The vulnerability stems from a failure to escape group names and can be exploited by a highly privileged attacker to execute JavaScript code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress adrotate plugin | lt | 5.8.23 |
Related
cve
cve
CVE-2022-0649
2022-05-02 16:15:08
patchstack
patchstack
wpvulndb
wpvulndb
Adrotate < 5.8.23 - Admin+ XSS via Group Name
2022-04-11 00:00:00
prion
prion
Cross site scripting
2022-05-02 16:15:00
cvelist
cvelist
CVE-2022-0649 Adrotate < 5.8.23 - Admin+ XSS via Group Name
2022-05-02 16:05:39
wpexploit
wpexploit
Adrotate < 5.8.23 - Admin+ XSS via Group Name
2022-04-11 00:00:00
nvd
nvd
CVE-2022-0649
2022-05-02 16:15:08