Lucene search
WpvulndbWPEX-ID:656C368A-80BF-44C9-8382-E920B335B921HistoryFeb 17, 2022 - 12:00 a.m.
Profile Builder < 3.6.2 - Reflected Cross-Site Scripting
2022-02-1700:00:00
wpvulndb
59
0.002 Low
EPSS
Percentile
58.9%
The plugin does not properly sanitise and escape the site_url parameter before outputting it back in an href attribute, leading to a Reflected Cross-Site Scripting issue
https://example.com/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(`XSS`);&message=Page%20Not%Found&site_name=404Related
cve
cve
CVE-2022-0653
2022-02-24 19:15:09
wpvulndb
wpvulndb
Profile Builder < 3.6.2 - Reflected Cross-Site Scripting
2022-02-17 00:00:00
nvd
nvd
CVE-2022-0653
2022-02-24 19:15:09
zdt
zdt
patchstack
patchstack
cvelist
cvelist
wordfence
wordfence
nuclei
nuclei
Wordpress Profile Builder Plugin Cross-Site Scripting
2022-02-24 11:33:20
cnvd
cnvd
prion
prion
Cross site scripting
2022-02-24 19:15:00