Lucene search
China National Vulnerability DatabaseCNVD-2022-22330HistoryMar 16, 2022 - 12:00 a.m.
WordPress Cybersoldier Cross-Site Scripting Vulnerability
2022-03-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
wordpress
cybersoldier
cross-site scripting
vulnerability
php
url settings
attacker
EPSS
0.001
Percentile
24.8%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in WordPress Cybersoldier, which stems from not cleaning and escaping URL settings before exporting them to properties, and can be exploited by a highly privileged attacker to perform cross site scripting attacks.
Related
cvelist
cvelist
CVE-2021-24895 Cybersoldier < 1.7.0 - Admin+ Stored Cross-Site Scripting
2022-03-14 14:40:56
cve
cve
CVE-2021-24895
2022-03-14 15:15:08
prion
prion
Cross site scripting
2022-03-14 15:15:00
nvd
nvd
CVE-2021-24895
2022-03-14 15:15:08