Lucene search
China National Vulnerability DatabaseCNVD-2022-59806HistoryMay 07, 2022 - 12:00 a.m.
WordPress Cloudways Breeze plugin跨站脚本漏洞
2022-05-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
0.001 Low
EPSS
Percentile
19.4%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Cloudways Breeze plugin 2.0.2 and earlier versions have a cross-site scripting vulnerability that can be exploited by attackers to execute any wp_ajax_* operation in the Breeze_ Configuration class, including the ability to change the settings of any plugin, including CDN settings that can be further used for cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress cloudways breeze plugin | le | 2.0.2 |
Related
cve
cve
CVE-2022-29444
2022-05-02 20:15:08
cvelist
cvelist
openvas
openvas
WordPress Breeze Plugin < 2.0.3 XSS Vulnerability
2022-05-11 00:00:00
prion
prion
Cross site scripting
2022-05-02 20:15:00
nvd
nvd
CVE-2022-29444
2022-05-02 20:15:08
patchstack
patchstack
wpvulndb
wpvulndb
Breeze < 2.0.3 - Subscriber+ Arbitrary Settings Update to Stored XSS
2022-05-02 00:00:00