CVE-2022-0953

🗓️ 25 Apr 2022 15:51:12Reported by WPScanType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 86 Views🌐 WEB

The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 is vulnerable to Reflected Cross-Site Scriptin

Reporter	Title	Published	Views	Family All 16
0day.today	WordPress Anti-Malware Security And Brute-Force Firewall Cross Site Scripting Vulnerability	12 Apr 202200:00	–	zdt
ATTACKERKB	CVE-2022-0953	25 Apr 202216:16	–	attackerkb
Circl	CVE-2022-0953	25 Apr 202220:36	–	circl
CNNVD	WordPress plugin Anti-Malware Security and Brute-Force Firewall 跨站脚本漏洞	11 Apr 202200:00	–	cnnvd
CNVD	WordPress plugin Anti-Malware Security and Brute-Force Firewall跨站脚本漏洞	9 May 202200:00	–	cnvd
Cvelist	CVE-2022-0953 Anti-Malware Security and Brute-Force Firewall < 4.20.96 - Reflected Cross-Site Scripting	25 Apr 202215:51	–	cvelist
EUVD	EUVD-2022-15965	3 Oct 202520:07	–	euvd
NVD	CVE-2022-0953	25 Apr 202216:16	–	nvd
OpenVAS	WordPress Anti-Malware Security and Brute-Force Firewall Plugin < 4.20.96 XSS Vulnerability	17 Sep 202200:00	–	openvas
OSV	CVE-2022-0953	25 Apr 202216:16	–	osv

NVD

Vulners

Node

download_anti-malware_security_and_brute-force_firewall_project download_anti-malware_security_and_brute-force_firewallRange<4.20.96wordpress

[
  {
    "product": "Anti-Malware Security and Brute-Force Firewall",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "4.20.96",
        "status": "affected",
        "version": "4.20.96",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/29ab3c7b-58e0-4a72-b7b4-ab12a6d54f5a

Parameter	Position	Path	Description	CWE
a	query param	/wp-admin/admin.php	Reflected XSS due to unsanitized QUERY_STRING output on admin page	CWE-79

21 Nov 2024 06:39Current

6Medium risk

Vulners AI Score6

CVSS 24.3

CVSS 3.16.1

EPSS0.00288

CWE-79