CVE-2022-4552 in FL3R FeelBox Pluginthông tin

Tóm tắt

Bởi MITRE • 30/01/2023

The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Đặt trước

16/12/2022

Tiết lộ

30/01/2023

Kiểm duyệt

được chấp nhận

mục

VDB-219820

CPE

sẵn sàng

CWE

CWE-352 (Đã xác nhận)

CVSS

6.1 (NVD)

EPSS

0.00130

KEV

không

Các hoạt động

rất thấp

ngành

Hostingprovider

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-4552
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-4552
CVE Details	https://www.cvedetails.com/cve/CVE-2022-4552/

◂ Trước Tổng Quan Tiếp theo ▸

Want to know what is going to be exploited?

We predict KEV entries!