wpvulndb | Geovanni Campos | WPVDB-ID:ACC9675A-56F6-411A-9594-07144C2AAD1B
History: Aug 22, 2022 - 12:00 a.m.

Classified Listing Pro < 2.0.20 - Reflected Cross-Site Scripting

wpscan.com
Tags: classified listing pro, 2.0.20, reflected cross-site scripting, plugin, escape, generated url, xss

EPSS: 0.001 (Percentile: 40.2%)

The plugin does not escape a generated URL before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting.

PoC

https://example.com/all-ads/?">
https://example.com/all-properties/?">
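
The bug class described above, shown as an added example that is not the plugin's code: an unescaped URL written into an `href` attribute next to the escaped form, with a parser check that shows the difference. The function names and the sample URL are hypothetical, and plain PHP `htmlspecialchars()` stands in for WordPress's `esc_url()` so the snippet runs without WordPress.

```php
<?php
// Added illustration; not code from Classified Listing Pro.
// Function names and the sample URL are hypothetical/constructed.

// Vulnerable pattern: a generated URL is written into an attribute as-is.
function render_link_unsafe(string $url): string {
    return '<a href="' . $url . '">Reset filters</a>';
}

// Hardened pattern: encode for the attribute context at output time.
// In WordPress, esc_url() is the usual call for a URL in an attribute;
// htmlspecialchars() stands in so this runs in plain PHP.
function render_link_safe(string $url): string {
    $escaped = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<a href="' . $escaped . '">Reset filters</a>';
}

// Parse a rendered fragment and list the elements the parser sees inside it,
// so markup that escaped the attribute shows up as an extra element.
function elements_in(string $fragment): array {
    libxml_use_internal_errors(true);   // tolerate malformed sample markup
    $doc = new DOMDocument();
    $doc->loadHTML('<div>' . $fragment . '</div>');
    libxml_clear_errors();
    $names = [];
    $root = $doc->getElementsByTagName('div')->item(0);
    foreach ($root->getElementsByTagName('*') as $node) {
        $names[] = $node->nodeName;
    }
    return $names;
}

// Constructed sample: a URL whose query string closes the attribute and
// carries a harmless <b> element as a marker.
$sample = 'https://example.com/all-ads/?"><b>marker</b>';

foreach (['render_link_unsafe', 'render_link_safe'] as $render) {
    $html = $render($sample);
    echo $render, ': ', $html, "\n";
    echo '  elements parsed: ', implode(', ', elements_in($html)), "\n";
}
```

When reviewing a plugin for this class of bug, check that every URL built from request data passes through `esc_url()` at the point where it is echoed into markup, not only where it is first constructed.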
