Lucene search
China National Vulnerability DatabaseCNVD-2022-86378HistoryNov 30, 2022 - 12:00 a.m.
WordPress Showing URL in QR Code plugin cross-site scripting vulnerability
2022-11-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
wordpress
qr code
cross-site scripting
vulnerability
php
blogging platform
cross-site request forgery
user input
xss attack
0.001 Low
EPSS
Percentile
30.4%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Showing URL in QR Code plugin 0.0.1 and earlier versions have a cross-site scripting vulnerability, which stems from the lack of cross-site request forgery checks and the lack of cleanup and escaping of user input when updating settings, which can be exploited to inject cross-site code to launch an XSS attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress showing url in qr code plugin | le | 0.0.1 |
Related
prion
prion
Cross site request forgery (csrf)
2022-11-28 14:15:00
wpvulndb
wpvulndb
Showing URL in QR Code <= 0.0.1 - Stored XSS via CSRF
2022-11-03 00:00:00
wpexploit
wpexploit
Showing URL in QR Code <= 0.0.1 - Stored XSS via CSRF
2022-11-03 00:00:00
cve
cve
CVE-2022-3847
2022-11-28 14:15:17
nvd
nvd
CVE-2022-3847
2022-11-28 14:15:17
cvelist
cvelist
CVE-2022-3847 Showing URL in QR Code <= 0.0.1 - Stored XSS via CSRF
2022-11-28 13:50:08