2 matches found
CVE-2022-3853
CVE-2022-3853 describes a Cross-site Scripting (XSS) vulnerability in the WordPress plugin Supra CSV (≤ 4.0.3) caused by a stored XSS via CSRF. Affected component: Supra CSV WordPress plugin. Public references state the issue as stored XSS via CSRF; no explicit exploit details or in‑the‑wild expl...
CVE-2022-3853 Supra CSV <= 4.0.3 - Stored Cross-Site Scripting via CSRF
Cross-site Scripting XSS is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application...