5.4
CVE-2022-4058
- EPSS 0.11%
- Published 19.12.2022 14:15:11
- Last modified 21.11.2024 07:34:31
- Source contact@wpscan.com
- Teams watchlist Login
- Open Login
The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control.
Data is provided by the National Vulnerability Database (NVD)
10web ≫ Photo Gallery SwPlatformwordpress Version < 1.8.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.11% | 0.293 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 5.4 | 2.3 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
|