Lucene search
China National Vulnerability DatabaseCNVD-2022-70819HistoryMar 24, 2022 - 12:00 a.m.
WordPress Export All URLs plugin cross-site scripting vulnerability
2022-03-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
40.4%
WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. WordPress plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in versions of the WordPress Export All URLs plugin prior to 4.2, which stems from the plugin’s failure to clean and escape CSV filenames before exporting them back to the page. The vulnerability is caused by the plugin’s failure to clean and escape CSV filenames before exporting them back to the page, which can be exploited to cause a reflected cross-site scripting attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress export all urls plugin | lt | 4.2 |
Related
cvelist
cvelist
CVE-2022-0892 Export All URLs < 4.2 - Reflected Cross-Site Scripting
2022-04-11 14:40:53
nvd
nvd
CVE-2022-0892
2022-04-11 15:15:08
cve
cve
CVE-2022-0892
2022-04-11 15:15:08
patchstack
patchstack
prion
prion
Cross site scripting
2022-04-11 15:15:00
openvas
openvas
WordPress Export All URLs Plugin < 4.2 Multiple Vulnerabilities
2023-09-14 00:00:00