Lucene search
China National Vulnerability DatabaseCNVD-2022-61903HistoryJun 13, 2022 - 12:00 a.m.
WordPress WPQA plugin cross-site scripting vulnerability
2022-06-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
wordpress
wpqa plugin
cross-site scripting
vulnerability
javascript
client side
EPSS
0.002
Percentile
56.3%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions of WordPress WPQA plugin prior to 5.4, which stems from the plugin’s failure to clean up and escape parameters on the reset password form. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
Related
prion
prion
Cross site scripting
2022-06-08 10:15:00
cve
cve
CVE-2022-1597
2022-06-08 10:15:09
patchstack
patchstack
nvd
nvd
CVE-2022-1597
2022-06-08 10:15:09
nuclei
nuclei
WordPress WPQA <5.4 - Cross-Site Scripting
2022-05-17 08:26:45
cvelist
cvelist
CVE-2022-1597 WPQA < 5.4 - Reflected Cross-Site Scripting
2022-06-06 08:51:10