Lucene search
China National Vulnerability DatabaseCNVD-2022-64674HistoryJun 09, 2022 - 12:00 a.m.
WordPress WP Statistics Cross-Site Scripting Vulnerability
2022-06-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
wordpress
wp statistics
cross-site scripting
vulnerability
request uri
php
web browsers
unencoded characters
EPSS
0.001
Percentile
34.0%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in versions of WordPress prior to WP Statistics 13.2.2, which stems from the plugin’s failure to clean the REQUEST_URI parameter before outputting it back to the rendered page. The vulnerability can be exploited by attackers to cause cross-site scripting (XSS) in web browsers with unencoded characters.
Related
prion
prion
Cross site scripting
2022-06-08 10:15:00
patchstack
patchstack
wpvulndb
wpvulndb
WP Statistics < 13.2.2 - Reflected Cross-Site Scripting
2022-05-10 00:00:00
cvelist
cvelist
CVE-2022-1005 WP Statistics < 13.2.2 - Reflected Cross-Site Scripting
2022-06-06 08:50:53
cve
cve
CVE-2022-1005
2022-06-08 10:15:09
wpexploit
wpexploit
WP Statistics < 13.2.2 - Reflected Cross-Site Scripting
2022-05-10 00:00:00
osv
osv
CVE-2022-1005
2022-06-08 10:15:09
openvas
openvas
WordPress WP Statistics Plugin < 13.2.2 XSS Vulnerability
2022-06-09 00:00:00
nvd
nvd
CVE-2022-1005
2022-06-08 10:15:09