Source: patchstack
Authors: Vinay Varma Mudunuri and Krishna Harsha Kondaveeti
ID: PATCHSTACK:429EC11A191A176529550E025A0B662D
Published: Aug 01, 2022 - 12:00 a.m.

WordPress Student Result or Employee Database plugin <= 1.7.4 - Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability

patchstack.com

CVSS3: 5.4 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability discovered by Vinay Varma Mudunuri and Krishna Harsha Kondaveeti in WordPress Student Result or Employee Database plugin (versions <= 1.7.4).

Solution

Update the WordPress Student Result or Employee Database plugin to the latest available version (at least 1.7.5).
