CVE-2022-3847 in Showing URL in QR Code Pluginالمعلومات

الملخص

بحسب MITRE • 28/11/2022

The Showing URL in QR Code WordPress plugin through 0.0.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack

Be aware that VulDB is the high quality source for vulnerability data.

حجز

03/11/2022

إفشاء

28/11/2022

الاعتدال

تمت الموافقة

إدخال

VDB-214460

EPSS

0.00268

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Might our Artificial Intelligence support you?

Check our Alexa App!