Vulnérabilité CVE-2022-4307 CVE Vulnerability

The ?????? ?????? ?????? WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin. (CVSS:0.0) (Last Update:2023-01-23)

Vulnerability Details : The ?????? ?????? ?????? WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin. Publish Date : 2023-01-23 Last Update Date : 2023-01-23 - CVSS Scores & Vulnerability Types CVSS Score 0.0 Confidentiality Impact ??? Integrity Impact ??? Availability Impact ??? Access Complexity ??? Authentication ??? Gained Access None Vulnerability Type(s) Cross Site Scripting CWE ID 79 - Products Affected By CVE-2022-4307 # Product Type Vendor Product Version Update Edition Language No vulnerable product found. If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores. Please check again in a few days. - References For CVE-2022-4307 https://wpscan.com/vulnerability/4000ba69-d73f-4c5b-a299-82898304cebb

- Metasploit Modules Related To CVE-2022-4307 There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)