Cross site scripting

2020-08-3117:15:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.7%

controller/controller-comments.php in WP GDPR plugin through 2.1.1 has unauthenticated stored XSS.

CPENameOperatorVersion
wp-gdpreq2.1.1

CPE	Name	Operator	Version
	wp-gdpr	eq	2.1.1

References

blog.nintechnet.com/unauthenticated-stored-xss-and-content-spoofing-vulnerabilities-in-wordpress-wp-gdpr-plugin-unpatched/