Update CVE-2022-0220.yaml

patch-1
Ritik Chaddha 2022-07-26 11:54:11 +05:30 committed by GitHub
parent 38e826c697
commit 54f6e6166f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions

View File

@ -8,6 +8,7 @@ info:
The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web browser led to this endpoint. Javascript code may be executed on a victim's browser. Due to v1.9.26 adding a CSRF check, the XSS is only exploitable against unauthenticated users (as they all share the same nonce) The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web browser led to this endpoint. Javascript code may be executed on a victim's browser. Due to v1.9.26 adding a CSRF check, the XSS is only exploitable against unauthenticated users (as they all share the same nonce)
reference: reference:
- https://wpscan.com/vulnerability/a91a01b9-7e36-4280-bc50-f6cff3e66059 - https://wpscan.com/vulnerability/a91a01b9-7e36-4280-bc50-f6cff3e66059
- https://nvd.nist.gov/vuln/detail/CVE-2022-0220
tags: cve,cve2022,wordpress,wp-plugin,wp,xss tags: cve,cve2022,wordpress,wp-plugin,wp,xss
requests: requests: