Lucene search
China National Vulnerability DatabaseCNVD-2023-05042HistoryFeb 14, 2022 - 12:00 a.m.
WordPress CP Blocks plugin cross-site scripting vulnerability
2022-02-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
2
0.001 Low
EPSS
Percentile
38.3%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. A cross-site scripting vulnerability exists in versions of the WordPress CP Blocks plugin prior to 1.0.15, which stems from the plugin’s failure to clean and escape its “License ID” setting. A highly privileged attacker could exploit this vulnerability to perform cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress cp blocks | lt | 1.0.15 |
Related
wpexploit
wpexploit
CP Blocks < 1.0.15 - Admin+ Stored Cross-Site Scripting
2022-02-02 00:00:00
cvelist
cvelist
CVE-2022-0448 CP Blocks < 1.0.15 - Admin+ Stored Cross-Site Scripting
2022-03-07 08:16:48
cve
cve
CVE-2022-0448
2022-03-07 09:15:09
wpvulndb
wpvulndb
CP Blocks < 1.0.15 - Admin+ Stored Cross-Site Scripting
2022-02-02 00:00:00
packetstorm
packetstorm
WordPress CP Blocks 1.0.14 Cross Site Scripting
2022-02-08 00:00:00
zdt
zdt
patchstack
patchstack
prion
prion
Cross site scripting
2022-03-07 09:15:00
nvd
nvd
CVE-2022-0448
2022-03-07 09:15:09
exploitdb
exploitdb
WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting (XSS)
2022-02-08 00:00:00