Lucene search
China National Vulnerability DatabaseCNVD-2022-88245HistorySep 28, 2022 - 12:00 a.m.
WordPress Generate PDF cross-site scripting vulnerability
2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.001 Low
EPSS
Percentile
24.9%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions prior to WordPress Generate PDF 3.6. The vulnerability stems from the fact that cleanup and escaping are not set for it, and a highly privileged attacker such as an administrator can use the vulnerability to launch a cross-site scripting attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress generate pdf | lt | 3.6 |
Related
prion
prion
Cross site scripting
2022-09-26 13:15:00
cve
cve
CVE-2022-3070
2022-09-26 13:15:10
wpvulndb
wpvulndb
Generate PDF using Contact Form 7 < 3.6 - Admin+ Stored Cross-Site Scripting
2022-08-31 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2022-3070
2022-09-26 13:15:10
wpexploit
wpexploit
Generate PDF using Contact Form 7 < 3.6 - Admin+ Stored Cross-Site Scripting
2022-08-31 00:00:00