CVE-2022-3847 in Showing URL in QR Code Pluginthông tin

Tóm tắt

Bởi MITRE • 28/11/2022

The Showing URL in QR Code WordPress plugin through 0.0.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack

Be aware that VulDB is the high quality source for vulnerability data.

Đặt trước

03/11/2022

Tiết lộ

28/11/2022

Kiểm duyệt

được chấp nhận

EPSS

0.00268

KEV

không

Các hoạt động

rất thấp

Nguồn

Want to know what is going to be exploited?

We predict KEV entries!