Lucene search
K

5 matches found

OSV
OSV
added 2022/07/17 11:15 a.m.4 views

CVE-2022-2187

The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS5.8AI score0.01277EPSS
Exploits2References1
NVD
NVD
added 2022/07/17 11:15 a.m.14 views

CVE-2022-2187

The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS0.01277EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/07/17 11:15 a.m.7 views

CVE-2022-2187

The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS6.4AI score0.01277EPSS
Exploits2References3
Cvelist
Cvelist
added 2022/07/17 10:37 a.m.22 views

CVE-2022-2187 Contact Form 7 Captcha < 0.1.2 - Reflected Cross-Site Scripting

The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.2AI score0.01277EPSS
Exploits2References1
CVE
CVE
added 2022/07/17 10:37 a.m.82 views

CVE-2022-2187

The CVE-2022-2187 issue affects the WordPress Contact Form 7 Captcha plugin (versions before 0.1.2). Root cause: the plugin does not escape the $_SERVER['REQUEST_URI'] value before outputting it in an attribute, allowing reflected XSS in some browsers. Impact: reflected XSS could enable script in...

6.1CVSS6AI score0.01277EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder