Lucene search
PRIOn knowledge basePRION:CVE-2022-4782HistoryAug 16, 2023 - 12:15 p.m.
Cross site scripting
2023-08-1612:15:00
PRIOn knowledge base
www.prio-n.com
3
clickfunnels
wordpress
plugin
vulnerability
stored cross-site scripting
0.0004 Low
EPSS
Percentile
14.1%
The ClickFunnels WordPress plugin through 3.1.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| clickfunnels | le | 3.1.1 |
Related
wpvulndb
wpvulndb
ClickFunnels <= 3.1.1 - Contributor+ Stored XSS via Shortcode
2023-04-26 00:00:00
cvelist
cvelist
CVE-2022-4782 ClickFunnels <= 3.1.1 - Contributor+ Stored XSS via Shortcode
2023-08-16 11:03:19
wpexploit
wpexploit
ClickFunnels <= 3.1.1 - Contributor+ Stored XSS via Shortcode
2023-04-26 00:00:00
cve
cve
CVE-2022-4782
2023-08-16 12:15:11
nvd
nvd
CVE-2022-4782
2023-08-16 12:15:11
wordfence
wordfence