CVE-2022-3847 in Showing URL in QR Code Plugininformação

Sumário

de MITRE • 28/11/2022

The Showing URL in QR Code WordPress plugin through 0.0.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack

Be aware that VulDB is the high quality source for vulnerability data.

Reservar

03/11/2022

Divulgação

28/11/2022

Moderação

aceite

Entrada

VDB-214460

CPE

pronto

EPSS

0.00268

KEV

não

Atividades

muito baixo

Fontes

Do you want to use VulDB in your project?

Use the official API to access entries easily!