CVE-2022-2565 - CERT CVE

  1. CVE-2022-2565

ID CVE-2022-2565
Sažetak The Simple Payment Donations & Subscriptions WordPress plugin before 4.2.1 does not sanitise and escape user input given in its forms, which could allow unauthenticated attackers to perform Cross-Site Scripting attacks against admins
Reference
CVSS
Base: 7.2
Impact: 2.7
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW -
Impact
PovjerljivostCjelovitostDostupnost
LOW LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Zadnje važnije ažuriranje 08-09-2022 - 03:48
Objavljeno 05-09-2022 - 13:15