China National Vulnerability Database (cnvd): CNVD-2022-87375
History: Oct 11, 2022 - 12:00 a.m.

WordPress Donation Thermometer Cross-Site Scripting Vulnerability

www.cnvd.org.cn
Tags: wordpress, cross-site scripting, vulnerability, php, foundation, administrator, xss attack, unfiltered html, version 2.1.3

EPSS: 0.001 (Percentile: 24.8%)

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP; a WordPress plugin is an application plug-in for it. A cross-site scripting vulnerability exists in WordPress Donation Thermometer versions prior to 2.1.3. The vulnerability stems from certain settings not being sanitized and escaped: even when the unfiltered_html capability is disabled, a highly privileged attacker such as an administrator can exploit it to inject cross-site script code and launch XSS attacks.
