Lucene search
Lana Codes (Patchstack Alliance)PATCHSTACK:29CD5A38409F3C79AD61F0DB6481807CHistoryOct 27, 2022 - 12:00 a.m.
WordPress 3D Tag Cloud plugin <= 3.8 - Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability
2022-10-2700:00:00
Lana Codes (Patchstack Alliance)
patchstack.com
7
wordpress
3d tag cloud
stored cross-site scripting
cross-site request forgery
csrf
patchstack alliance
vulnerability
0.001 Low
EPSS
Percentile
24.3%
Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability discovered by Lana Codes (Patchstack Alliance) in the WordPress 3D Tag Cloud plugin (versions <= 3.8).
Solution
Deactivate and delete. This plugin has been closed as of September 22, 2022 and is not available for download. This closure is temporary, pending a full review.
| CPE | Name | Operator | Version |
|---|---|---|---|
| 3d tag cloud | le | 3.8 |
Related
nvd
nvd
CVE-2022-41990
2024-01-17 17:15:09
prion
prion
Cross site request forgery (csrf)
2024-01-17 17:15:00
wpvulndb
wpvulndb
cvelist
cvelist
cve
cve
CVE-2022-41990
2024-01-17 17:15:09
wordfence
wordfence