CVE-2022-3847 in Showing URL in QR Code Plugininformación

Resumen

por MITRE • 2022-11-28

The Showing URL in QR Code WordPress plugin through 0.0.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack

Be aware that VulDB is the high quality source for vulnerability data.

Reservar

2022-11-03

Divulgación

2022-11-28

Moderación

aceptado

Artículo

VDB-214460

CPE

listo

EPSS

0.00268

KEV

no

Actividades

muy bajo

Fuentes

Do you want to use VulDB in your project?

Use the official API to access entries easily!