Lucene search
China National Vulnerability DatabaseCNVD-2022-70779HistoryMar 24, 2022 - 12:00 a.m.
WordPress Favicon by RealFaviconGenerator plugin cross-site scripting vulnerability
2022-03-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
0.001 Low
EPSS
Percentile
30.2%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress Favicon by RealFaviconGenerator plugin versions prior to 1.3.23 contain a cross-site scripting vulnerability that stems from Favicon by plugin fails to properly clean and escape the json_result_url parameter before exporting it back to the Favicon admin dashboard, which can be exploited by an attacker to cause a reflection cross-site scripting issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress favicon by realfavicongenerator plugin | lt | 1.3.23 |
Related
prion
prion
Cross site scripting
2022-04-11 15:15:00
nvd
nvd
CVE-2022-0471
2022-04-11 15:15:08
wpexploit
wpexploit
Favicon by RealFaviconGenerator < 1.3.23 - Reflected Cross-Site Scripting
2022-03-21 00:00:00
cvelist
cvelist
openvas
openvas
WordPress Favicon by RealFaviconGenerator Plugin < 1.3.23 XSS Vulnerability
2022-04-27 00:00:00
wpvulndb
wpvulndb
Favicon by RealFaviconGenerator < 1.3.23 - Reflected Cross-Site Scripting
2022-03-21 00:00:00
patchstack
patchstack
cve
cve
CVE-2022-0471
2022-04-11 15:15:08