wpexploit | Kevin Barbón García | WPEX-ID:078BD5F6-64F7-4665-825B-9FD0C2B7B91B
Apr 12, 2022 - 12:00 a.m.

Themify - Post Type Builder Search Addon < 1.4.0 - Reflected Cross-Site Scripting

EPSS: 0.001 (Low), percentile: 40.3%

The plugin does not properly escape the current page URL before reusing it in an HTML attribute, leading to a reflected cross-site scripting vulnerability.

On a page or post with a search form, add the following URL query parameter: ?%22%3E%3Cscript%3Ealert(1)%3C/script%3E
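A minimal model of the flaw described above and of the output-escaping fix, as an added example that is not the plugin's code or the advisory author's. The function names, the form markup, the example.test host and the assumption that the page URL reaches the template in decoded form are all illustrative.

```php
<?php
// Added illustration; function names and markup are hypothetical, not the plugin's code.

// Constructed sample: the request URI from the proof of concept, as the server receives it.
const SAMPLE_REQUEST_URI = '/?%22%3E%3Cscript%3Ealert(1)%3C/script%3E';

// Assumption: the current page URL reaches the template in decoded form.
function current_page_url(string $request_uri): string {
    return 'https://example.test' . urldecode($request_uri);
}

// Vulnerable pattern: the URL is concatenated into the attribute without escaping,
// so a double quote inside the URL ends the attribute value early.
function search_form_unescaped(string $url): string {
    return '<form method="get" action="' . $url . '"><input type="search" name="s"></form>';
}

// Hardened pattern: encode for the HTML attribute context at output time.
// In WordPress code the equivalents are esc_url() for URL attributes and esc_attr() otherwise.
function search_form_escaped(string $url): string {
    $safe = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form method="get" action="' . $safe . '"><input type="search" name="s"></form>';
}

// Check: parse the markup and count the <script> elements the parser actually creates.
function script_element_count(string $html): int {
    libxml_use_internal_errors(true);   // keep parser warnings about odd markup quiet
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    libxml_clear_errors();
    return $doc->getElementsByTagName('script')->length;
}

$url = current_page_url(SAMPLE_REQUEST_URI);
printf("unescaped: %d script element(s)\n", script_element_count(search_form_unescaped($url)));
printf("escaped:   %d script element(s)\n", script_element_count(search_form_escaped($url)));
```

The same parse-and-count check can serve as a regression test around any template that echoes the request URL into an attribute.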
