Lucene search
China National Vulnerability DatabaseCNVD-2022-87378HistoryOct 11, 2022 - 12:00 a.m.
WordPress Goolytics Cross-Site Scripting Vulnerability
2022-10-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
wordpress
goolytics
cross-site scripting
php
mysql
vulnerability
settings
xss attack
administrator
injection
cnvd
0.001 Low
EPSS
Percentile
24.8%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions prior to WordPress Goolytics 1.1.2. The vulnerability stems from not cleaning and escaping some of its settings, even when the unfiltered_html feature is disabled and high privileges such as administrator An attacker could use the vulnerability to inject cross-site code and launch an XSS attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress goolytics | lt | 1.1.2 |
Related
cvelist
cvelist
patchstack
patchstack
ubuntucve
ubuntucve
CVE-2022-3132
2022-10-03 00:00:00
wpvulndb
wpvulndb
cve
cve
CVE-2022-3132
2022-10-03 14:15:21
prion
prion
Cross site scripting
2022-10-03 14:15:00
nvd
nvd
CVE-2022-3132
2022-10-03 14:15:21
wpexploit
wpexploit