Lucene search
K

4 matches found

NVD
NVD
added 2023/01/23 3:15 p.m.26 views

CVE-2022-4307

The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...

6.1CVSS6AI score0.00526EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/01/23 2:31 p.m.25 views

CVE-2022-4307 Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS

The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...

6.1AI score0.00526EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/01/23 2:31 p.m.6 views

CVE-2022-4307 Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS

The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...

6AI score0.00526EPSS
Exploits2References1
CVE
CVE
added 2023/01/23 2:31 p.m.52 views

CVE-2022-4307

CVE-2022-4307 affects the Pardakht Delkhah WordPress plugin prior to 2.9.3. The plugin fails to sanitise/escape several parameters, enabling unauthenticated attackers to craft requests containing XSS payloads that are triggered when a high-privilege user (e.g., admin) visits a plugin page. Report...

6.1CVSS6AI score0.00526EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder