Lucene search
K

47 matches found

Prion
Prion
added 2022/05/16 3:15 p.m.13 views

Cross site scripting

The Call Now Button WordPress plugin before 1.1.2 does not escape a parameter before outputting it back in an attribute of a hidden input, leading to a Reflected Cross-Site Scripting when the premium is enabled...

4.3CVSS6.1AI score0.00773EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2022/05/16 2:31 p.m.75 views

CVE-2022-1455

The CVE-2022-1455 entry concerns the WordPress Call Now Button plugin prior to version 1.1.2, where a parameter output into a hidden input attribute is not escaped, enabling Reflected Cross-Site Scripting. The vulnerability affects versions before 1.1.2; the root cause is failure to escape user-c...

6.1CVSS6AI score0.00773EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/05/16 2:31 p.m.20 views

CVE-2022-1455 Call Now Button < 1.1.2 - Reflected Cross-Site Scripting

The Call Now Button WordPress plugin before 1.1.2 does not escape a parameter before outputting it back in an attribute of a hidden input, leading to a Reflected Cross-Site Scripting when the premium is enabled...

6.2AI score0.00773EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.6 views

WordPress plugin Call Now Button 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions of the WordPress Call Now Buttons plugin prior ...

6.1CVSS6.3AI score0.00773EPSS
Exploits2References2
wpexploit
wpexploit
added 2022/04/25 12:0 a.m.164 views

Call Now Button < 1.1.2 - Reflected Cross-Site Scripting

The plugin does not escape a parameter before outputting it back in an attribute of a hidden input, leading to a Reflected Cross-Site Scripting when the premium is enabled With premium enabled: http://example.com/wp-admin/admin.php?page=call-now-button&bid=xxxxx" accesskey=X onclick=alert/XSS/...

6.1CVSS0.2AI score0.00773EPSS
Exploits2
Patchstack
Patchstack
added 2022/04/25 12:0 a.m.26 views

WordPress Call Now Button plugin <= 1.1.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by 7coo and JrXnm in WordPress Call Now Button plugin versions = 1.1.1. Solution Update the WordPress Call Now Button plugin to the latest available version at least 1.1.2...

6.1CVSS2.1AI score0.00773EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.10 views

WordPress WordPress Easy Call Now Button by elixirs.io plugin <= 1.0.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WordPress Easy Call Now Button by elixirs.io plugin versions = 1.0.5. Solution No patched version available...

2AI score
Exploits0References2Affected Software1
Rows per page
Query Builder