CVE-2022-3847 in Showing URL in QR Code Plugininformation

Résumé

par MITRE • 28/11/2022

The Showing URL in QR Code WordPress plugin through 0.0.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack

Be aware that VulDB is the high quality source for vulnerability data.

Réserver

03/11/2022

Divulgation

28/11/2022

Modérer

accepté

Entrée

VDB-214460

CPE

prêt

EPSS

0.00268

KEV

non

Activités

très faible

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!