Lucene search
PRIOn knowledge basePRION:CVE-2022-1938HistoryJul 11, 2022 - 1:15 p.m.
Cross site scripting
2022-07-1113:15:00
PRIOn knowledge base
www.prio-n.com
5
0.001 Low
EPSS
Percentile
25.0%
The Awin Data Feed WordPress plugin before 1.8 does not sanitise and escape a header when processing request to generate analytics data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against a logged in admin viewing the plugin’s settings
| CPE | Name | Operator | Version |
|---|---|---|---|
| awin_data_feed | lt | 1.8 |
Related
cve
cve
CVE-2022-1938
2022-07-11 13:15:08
cvelist
cvelist
cnvd
cnvd
WordPress Awin Data Feed plugin跨站脚本漏洞
2022-07-13 00:00:00
nvd
nvd
CVE-2022-1938
2022-07-11 13:15:08