Lucene search
WpvulndbWPVDB-ID:27A57F0B-C5B5-4D0E-928F-00DA64239212HistoryJan 03, 2023 - 12:00 a.m.
Blockonomics < 3.5.8 - Reflected Cross-Site Scripting
2023-01-0300:00:00
wpscan.com
8
blockonomics plugin
version 3.5.8
reflected cross-site scripting
filter_by parameter
high privilege users
admin
0.001 Low
EPSS
Percentile
27.1%
The plugin does not sanitise and escape the filter_by parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
| CPE | Name | Operator | Version |
|---|---|---|---|
| blockonomics-bitcoin-payments | lt | 3.5.8 |
Related
cve
cve
CVE-2022-47145
2023-03-23 17:15:13
prion
prion
Cross site scripting
2023-03-23 17:15:00
nvd
nvd
CVE-2022-47145
2023-03-23 17:15:13
cvelist
cvelist