Lucene search
China National Vulnerability DatabaseCNVD-2022-56493HistoryJun 15, 2022 - 12:00 a.m.
WordPress Simple Membership plugin跨站脚本漏洞
2022-06-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
wordpress
cross-site scripting
vulnerability
php
ajax
client-side
wordpress foundation
EPSS
0.001
Percentile
43.5%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in versions of the WordPress Simple Membership plugin prior to 4.1.1, which stems from not properly cleaning and escaping parameters before exporting them back to AJAX operations. parameters before outputting them back to the AJAX operation. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
Related
prion
prion
Cross site scripting
2022-06-13 13:15:00
wpvulndb
wpvulndb
Simple Membership < 4.1.1 - Reflected Cross-Site Scripting
2022-05-23 00:00:00
cvelist
cvelist
CVE-2022-1724 Simple Membership < 4.1.1 - Reflected Cross-Site Scripting
2022-06-13 12:42:31
nvd
nvd
CVE-2022-1724
2022-06-13 13:15:11
wpexploit
wpexploit
Simple Membership < 4.1.1 - Reflected Cross-Site Scripting
2022-05-23 00:00:00
nuclei
nuclei
WordPress Simple Membership <4.1.1 - Cross-Site Scripting
2022-06-23 18:14:17
patchstack
patchstack
cve
cve
CVE-2022-1724
2022-06-13 13:15:11