Lucene search
PRIOn knowledge basePRION:CVE-2022-1951HistoryJul 11, 2022 - 1:15 p.m.
Cross site scripting
2022-07-1113:15:00
PRIOn knowledge base
www.prio-n.com
4
0.001 Low
EPSS
Percentile
44.3%
The core plugin for kitestudio WordPress plugin before 2.3.1 does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected Cross-Site Scripting.
| CPE | Name | Operator | Version |
|---|---|---|---|
| core_plugin_for_kitestudio_themes | lt | 2.3.1 |
Related
cnvd
cnvd
WordPress core plugin for kitestudio pluginθ·¨η«θζ¬ζΌζ΄
2022-07-13 00:00:00
patchstack
patchstack
cvelist
cvelist
nvd
nvd
CVE-2022-1951
2022-07-11 13:15:08
wpexploit
wpexploit
Core Plugin for Kitestudio Themes < 2.3.1 - Reflected Cross-Site-Scripting
2022-06-15 00:00:00
wpvulndb
wpvulndb
Core Plugin for Kitestudio Themes < 2.3.1 - Reflected Cross-Site-Scripting
2022-06-15 00:00:00
cve
cve
CVE-2022-1951
2022-07-11 13:15:08