Lucene search
Donato Di PasqualePATCHSTACK:AE031606BD2BFC75C5E8C0173CF38A10HistoryJul 04, 2022 - 12:00 a.m.
WordPress Name Directory plugin <= 1.25.3 - Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability
2022-07-0400:00:00
Donato Di Pasquale
patchstack.com
3
0.001 Low
EPSS
Percentile
26.5%
Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability discovered by Donato Di Pasquale in WordPress Name Directory plugin (versions <= 1.25.3).
Solution
Update the WordPress Name Directory plugin to the latest available version (at least 1.25.4).
| CPE | Name | Operator | Version |
|---|---|---|---|
| name directory | le | 1.25.3 |
Related
wpvulndb
wpvulndb
Name Directory < 1.25.4 - Stored Cross-Site Scripting via CSRF
2022-07-04 00:00:00
nvd
nvd
CVE-2022-2071
2022-07-25 13:15:08
wpexploit
wpexploit
Name Directory < 1.25.4 - Stored Cross-Site Scripting via CSRF
2022-07-04 00:00:00
cvelist
cvelist
CVE-2022-2071 Name Directory < 1.25.4 - Stored Cross-Site Scripting via CSRF
2022-07-25 12:46:28
prion
prion
Cross site request forgery (csrf)
2022-07-25 13:15:00
cnvd
cnvd
WordPress plugin Name Directory跨站请求伪造漏洞
2022-07-27 00:00:00
cve
cve
CVE-2022-2071
2022-07-25 13:15:08