Lucene search
China National Vulnerability DatabaseCNVD-2022-88217HistorySep 28, 2022 - 12:00 a.m.
WordPress CPO Shortcodes plugin cross-site scripting vulnerability
2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
wordpress
cpo shortcodes
cross-site scripting
vulnerability
filtering
escaping
user-supplied data
attacks
0.001 Low
EPSS
Percentile
19.5%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. A cross-site scripting vulnerability exists in WordPress CPO Shortcodes plugin 1.5.0 and prior versions. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data, which can be exploited by attackers to launch cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress cpo shortcodes plugin | le | 1.5.0 |
Related
nvd
nvd
CVE-2022-40672
2022-09-23 15:15:14
prion
prion
Cross site scripting
2022-09-23 15:15:00
cvelist
cvelist
patchstack
patchstack
wpvulndb
wpvulndb
CPO Shortcodes <= 1.5.0 - Admin+ Stored XSS
2022-09-15 00:00:00
cve
cve
CVE-2022-40672
2022-09-23 15:15:14