Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-59803
HistoryMay 07, 2022 - 12:00 a.m.

WordPress AdRotate plugin cross-site scripting vulnerability (CNVD-2022-59803)

2022-05-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
14

0.001 Low

EPSS

Percentile

24.8%

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. Cross-site scripting vulnerabilities exist in versions of WordPress AdRotate plugin prior to 5.8.23. The vulnerability stems from a failure to escape group names and can be exploited by a highly privileged attacker to execute JavaScript code.

CPENameOperatorVersion
wordpress adrotate pluginlt5.8.23

0.001 Low

EPSS

Percentile

24.8%