CVE-2023-2835 in WP Directory Kit Plugininfo

Zusammenfassung

von MITRE • 02.06.2023

The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

Be aware that VulDB is the high quality source for vulnerability data.

Zuständig

Wordfence

Reservieren

22.05.2023

Veröffentlichung

02.06.2023

Moderieren

akzeptiert

Eintrag

VDB-230521

CPE

bereit

Exploit

Download

EPSS

0.00728

KEV

nein

Aktivitäten

very low

Quellen

Might our Artificial Intelligence support you?

Check our Alexa App!