Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-86547
HistoryOct 13, 2021 - 12:00 a.m.

WordPress Duplicate Page plugin cross-site scripting vulnerability

2021-10-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
7

0.001 Low

EPSS

Percentile

24.8%

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Duplicate Page plugin 4.4.2 and earlier versions have a cross-site scripting vulnerability that stems from the plugin’s failure to clean up or escape Duplication Post Suffix settings before output. An attacker could use this vulnerability to execute JavaScript code on the client side.

CPENameOperatorVersion
wordpress duplicate page pluginle4.4.2

0.001 Low

EPSS

Percentile

24.8%