Lucene search
PRIOn knowledge basePRION:CVE-2022-3415HistoryNov 14, 2022 - 3:15 p.m.
Cross site scripting
2022-11-1415:15:00
PRIOn knowledge base
www.prio-n.com
1
wordpress
cross-site scripting
contact parameters
stored xss
unauthenticated attackers
admin view
0.001 Low
EPSS
Percentile
45.9%
The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message
| CPE | Name | Operator | Version |
|---|---|---|---|
| chat_bubble | lt | 2.3 |
Related
cvelist
cvelist
patchstack
patchstack
cve
cve
CVE-2022-3415
2022-11-14 15:15:48
nvd
nvd
CVE-2022-3415
2022-11-14 15:15:48
wpvulndb
wpvulndb
Chat Bubble < 2.3 - Unauthenticated Stored Cross-Site Scripting
2022-10-18 00:00:00
wpexploit
wpexploit
Chat Bubble < 2.3 - Unauthenticated Stored Cross-Site Scripting
2022-10-18 00:00:00