Design/Logic Flaw

2019-09-1312:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

44.8%

The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter.

CPENameOperatorVersion
wp-whois-domaineq1.0.0

CPE	Name	Operator	Version
	wp-whois-domain	eq	1.0.0

References

rastating.github.io/wp-whois-domain-reflected-xss/

wordpress.org/plugins/wp-whois-domain/

0.001 Low

EPSS

Percentile

44.8%

Related for PRION:CVE-2017-18612