Lucene search
China National Vulnerability DatabaseCNVD-2022-72702HistoryApr 27, 2022 - 12:00 a.m.
WordPress plugin Donorbox cross-site scripting vulnerability
2022-04-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
wordpress
donorbox
cross-site scripting
vulnerability
php
mysql
attackers
cross-site attacks
EPSS
0.001
Percentile
36.0%
WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions prior to WordPress plugin Donorbox 7.1.7. The vulnerability stems from the fact that the plugin does not clean up and escape its URL settings before outputting them to properties, which can be exploited by attackers to conduct cross-site attacks.
Related
cve
cve
CVE-2022-1396
2022-04-25 16:16:08
cvelist
cvelist
CVE-2022-1396 Donorbox < 7.1.7 - Admin+ Stored Cross-Site Scripting
2022-04-25 15:51:29
nvd
nvd
CVE-2022-1396
2022-04-25 16:16:08
wpexploit
wpexploit
Donorbox < 7.1.7 - Admin+ Stored Cross-Site Scripting
2022-03-30 00:00:00
wpvulndb
wpvulndb
Donorbox < 7.1.7 - Admin+ Stored Cross-Site Scripting
2022-03-30 00:00:00
prion
prion
Cross site scripting
2022-04-25 16:16:00