Lucene search
China National Vulnerability DatabaseCNVD-2022-86370HistoryNov 30, 2022 - 12:00 a.m.
WordPress WP Affiliate Platform plugin reflective cross-site scripting vulnerability
2022-11-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
wordpress
affiliate platform
plugin
cross-site scripting
vulnerability
php
xss
attack
security
0.001 Low
EPSS
Percentile
35.7%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin WP Affiliate Platform 6.3.9 and previous versions are vulnerable to a cross-site scripting vulnerability caused by insufficient cleanup and output escaping of the $_SERVER[ REQUEST_URI ] parameter, which could be exploited to inject cross-site code and launch an XSS attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wp affiliate platform plugin | le | 6.3.9 |
Related
cve
cve
CVE-2022-3896
2022-11-29 21:15:11
cvelist
cvelist
CVE-2022-3896
2022-11-29 20:41:47
prion
prion
Cross site scripting
2022-11-29 21:15:00
nvd
nvd
CVE-2022-3896
2022-11-29 21:15:11
wpvulndb
wpvulndb
WP Affiliate Platform < 6.4.0 - Reflected Cross-Site Scripting
2022-11-14 00:00:00