CVE-2022-0421

🗓️ 21 Nov 2022 11:19:15Reported by [email protected]Type

The Five Star Restaurant Reservations WordPress plugin lacks authorization and sanitization, allowing unauthenticated users to change payment status and perform Cross-Site Scripting attack

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Patchstack	WordPress Five Star Restaurant Reservations plugin <= 2.4.11 - Unauth. Arbitrary Payment Status Update leading to Stored Cross-Site Scripting (XSS) vulnerability	31 Oct 202200:00	–	patchstack
Vulnrichment	CVE-2022-0421 Five Star Restaurant Reservations < 2.4.12 - Unauthenticated Arbitrary Payment Status Update to Stored XSS	21 Nov 202200:00	–	vulnrichment
Prion	Cross site scripting	21 Nov 202211:15	–	prion
Cvelist	CVE-2022-0421 Five Star Restaurant Reservations < 2.4.12 - Unauthenticated Arbitrary Payment Status Update to Stored XSS	21 Nov 202200:00	–	cvelist
CNVD	WordPress Five Star Restaurant Reservations plugin license issue vulnerability	23 Nov 202200:00	–	cnvd
CVE	CVE-2022-0421	21 Nov 202211:15	–	cve

Nvd

Node

fivestarplugins five_star_restaurant_reservationsRange<2.4.12wordpress

Source	Link
wpscan	www.wpscan.com/vulnerability/145e8d3c-cd6f-4827-86e5-ea2d395a80b9

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo