Lucene search
WPScanCVELIST:CVE-2022-0360HistoryFeb 28, 2022 - 9:06 a.m.
CVE-2022-0360 WP Ultimate CSV Importer < 6.4.3 - Admin+ Stored Cross-Site Scripting
2022-02-2809:06:48
CWE-79
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
31.6%
The Easy Drag And drop All Import : WP Ultimate CSV Importer WordPress plugin before 6.4.3 does not sanitise and escaped imported comments, which could allow high privilege users to import malicious ones (either intentionnaly or not) and lead to Stored Cross-Site Scripting issues
CNA Affected
[
{
"product": "Easy Drag And drop All Import : WP Ultimate CSV Importer",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.4.3",
"status": "affected",
"version": "6.4.3",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
WP Ultimate CSV Importer < 6.4.3 - Admin+ Stored Cross-Site Scripting
2022-01-26 00:00:00
cnvd
cnvd
WordPress WP Ultimate CSV Importer plugin跨站脚本漏洞
2022-03-02 00:00:00
cve
cve
CVE-2022-0360
2022-02-28 09:15:09
prion
prion
Cross site scripting
2022-02-28 09:15:00
nvd
nvd
CVE-2022-0360
2022-02-28 09:15:09
wpexploit
wpexploit
WP Ultimate CSV Importer < 6.4.3 - Admin+ Stored Cross-Site Scripting
2022-01-26 00:00:00