Lucene search
China National Vulnerability DatabaseCNVD-2023-06541HistoryFeb 16, 2022 - 12:00 a.m.
WordPress PowerPack Lite for Beaver Builder plugin cross-site scripting vulnerability
2022-02-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
30.0%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions of the WordPress PowerPack Lite for Beaver Builder plugin prior to 1.2.9.3. The vulnerability stems from the plugin’s failure to filter and escape tag parameters before outputting to the admin page, which can be exploited by attackers to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress powerpack lite for beaver builder plugin <1. | eq | 2.9.3 |
Related
cve
cve
CVE-2022-0176
2022-02-14 12:15:16
patchstack
patchstack
wpexploit
wpexploit
PowerPack Lite for Beaver Builder < 1.2.9.3 - Reflected Cross-Site Scripting
2022-01-12 00:00:00
wpvulndb
wpvulndb
PowerPack Lite for Beaver Builder < 1.2.9.3 - Reflected Cross-Site Scripting
2022-01-12 00:00:00
cvelist
cvelist
prion
prion
Cross site scripting
2022-02-14 12:15:00
nvd
nvd
CVE-2022-0176
2022-02-14 12:15:16