Lucene search

K

PRIOn knowledge basePRION:CVE-2022-1567

HistoryMay 10, 2022 - 8:15 p.m.

Cross site scripting

2022-05-1020:15:00

PRIOn knowledge base

www.prio-n.com

2

0.001 Low

EPSS

Percentile

30.8%

The WP-JS plugin for WordPress contains a script called wp-js.php with the function wp_js_admin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6.

CPENameOperatorVersion
wp-jsle2.0.6

References

plugins.trac.wordpress.org/browser/wp-js/trunk/wp-js.php?rev=100281

www.wordfence.com/threat-intel/vulnerabilities/id/0ab82117-73dd-4257-8dfc-01dadcc3a83f?source=cve

www.wordfence.com/vulnerability-advisories/

0.001 Low

EPSS

Percentile

30.8%

Related for PRION:CVE-2022-1567

nvd1 wpvulndb1 patchstack1 cvelist1 cve1