Lucene search
José RicardoWPVDB-ID:E39FCF30-1E69-4399-854C-4C5B6CCC22A2HistoryOct 10, 2022 - 12:00 a.m.
Rock Convert < 2.6.0 - Reflected Cross-Site Scripting
2022-10-1000:00:00
José Ricardo
wpscan.com
4
rock convert plugin
version 2.6.0
url attribute
cross-site scripting
widget
vulnerability
0.001 Low
EPSS
Percentile
40.3%
The plugin does not sanitise and escape an URL before outputting it back in an attribute when a specific widget is present on a page, leading to a Reflected Cross-Site Scripting
PoC
On a page where the “Capture box | Rock Convert” widget is present, append ?“>, e.g: https://example.com/?”>
| CPE | Name | Operator | Version |
|---|---|---|---|
| rock-convert | lt | 2.11.0 |
Related
cve
cve
CVE-2022-3440
2022-10-31 16:15:11
cvelist
cvelist
CVE-2022-3440 Rock Convert < 2.6.0 - Reflected Cross-Site Scripting
2022-10-31 00:00:00
nvd
nvd
CVE-2022-3440
2022-10-31 16:15:11
wpexploit
wpexploit
Rock Convert < 2.6.0 - Reflected Cross-Site Scripting
2022-10-10 00:00:00
prion
prion
Cross site scripting
2022-10-31 16:15:00
patchstack
patchstack