4 matches found
CVE-2022-0892
The Export All URLs WordPress plugin before 4.2 does not sanitise and escape the CSV filename before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
WordPress Export All URLs Plugin < 4.2 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:atlasgondal:exportallurls"; if description...
CVE-2022-0892
The Export All URLs WordPress plugin before 4.2 does not sanitise and escape the CSV filename before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0892
The CVE-2022-0892 entry concerns the WordPress plugin Export All URLs (versions before 4.2). The root cause is improper sanitization/escaping of the CSV filename when outputting it on the page, which enables a Reflected Cross-Site Scripting (XSS) attack. Documented impact is a reflected XSS in pa...