Auto Generated CVE annotations [Thu Dec 1 07:37:05 UTC 2022] 🤖

patch-1
GitHub Action 2022-12-01 07:37:05 +00:00
parent 8cc6518080
commit da8f1ef179
1 changed files with 9 additions and 2 deletions

@ -8,9 +8,16 @@ info:
The Related Posts for WordPress plugin is vulnerable to stored XSS, specifically in the rp4wp[heading_text] parameter because the user input is not properly sanitized, allowing the insertion of JavaScript code that can exploit the vulnerability. The Related Posts for WordPress plugin is vulnerable to stored XSS, specifically in the rp4wp[heading_text] parameter because the user input is not properly sanitized, allowing the insertion of JavaScript code that can exploit the vulnerability.
reference: reference:
- https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828/ - https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828/
- https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828
- https://github.com/barrykooij/related-posts-for-wp/commit/37733398dd88863fc0bdb3d6d378598429fd0b81
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cve-id: CVE-2022-3506
cwe-id: CWE-79
metadata: metadata:
verified: true verified: "true"
tags: cve,cve2022,wordpress,wp,wp-plugin,xss,relatedposts,authenticated tags: wordpress,wp,wp-plugin,relatedposts,cve,cve2022,xss,authenticated,huntr
requests: requests:
- raw: - raw:
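Review bot: The reference list now carries the same huntr.dev bounty URL twice, the existing entry with a trailing slash and the added entry directly below it without one; drop one of the two so each source appears once. In the metadata block, `verified: true` becomes `verified: "true"`, which changes the YAML value from a boolean to a string, so anything that reads this field as a boolean should be checked, or the unquoted form kept. The added cvss-metrics vector and the 5.4 score are consistent with each other, and the added commit reference points at the plugin's own repository, which is useful to keep next to the bounty link.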