Lucene search
K

4 matches found

Prion
Prion
added 2022/09/19 2:15 p.m.21 views

Cross site scripting

The Gettext override translations WordPress plugin before 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite set...

4.3CVSS4.7AI score0.0056EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2022/09/19 2:1 p.m.69 views

CVE-2022-3036

CVE-2022-3036 affects the WordPress plugin Gettext override translations prior to version 2.0.0. The vulnerability arises from insufficient sanitisation/escaping of certain settings, enabling a high-privilege user (e.g., admin) to perform a Stored XSS attack, even when unfiltered_html is disallow...

4.8CVSS4.7AI score0.0056EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/19 12:0 a.m.4 views

PT-2022-20073 · WordPress · Gettext Override Translations

Name of the Vulnerable Software and Affected Versions: Gettext override translations WordPress plugin versions prior to 2.0.0 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability...

4.8CVSS4.6AI score0.0056EPSS
Exploits2References3
CNNVD
CNNVD
added 2022/09/19 12:0 a.m.2 views

WordPress plugin Gettext override translations 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS4.9AI score0.0056EPSS
Exploits2References2
Rows per page
Query Builder