Lucene search
+L

4 matches found

osv
osv
added 2024/09/26 10:15 a.m.6 views

CVE-2022-4541

The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS5.9AI score0.00438EPSS
Exploits0References3
nvd
nvd
added 2024/09/26 10:15 a.m.19 views

CVE-2022-4541

The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS0.00438EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/09/26 9:29 a.m.29 views

CVE-2022-4541 WordPress Visitors <= 1.0 - Unauthenticated Stored Cross-Site Scripting via HTTP Header

The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS6AI score0.00438EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2024/09/26 12:0 a.m.7 views

PT-2024-11712 · WordPress · Wordpress Visitors

Name of the Vulnerable Software and Affected Versions: WordPress Visitors plugin for WordPress version 1.0 Description: The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value due to insufficient input sanitization and output...

7.2CVSS6.5AI score0.00438EPSS
Exploits0References10
Rows per page
Query Builder