← volver
CVE-2022-50797

Stripe Green Downloads Wordpress Plugin 2.03 Persistent XSS via Settings

CVSS 5.1 MEDIUMEPSS 0.4%CWE-79
Stripe Green Downloads Wordpress Plugin 2.03 contains a persistent cross-site scripting vulnerability allowing remote attackers to inject malicious scripts in button label fields. Attackers can exploit input parameters to execute arbitrary scripts, potentially leading to session hijacking and application module manipulation.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Productos afectados
halfdata · Stripe Green Downloads

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://halfdata.com/green-downloads/stripe/https://www.vulncheck.com/advisories/stripe-green-downloads-wordpress-plugin-persistent-xss-via-settingshttps://www.vulnerability-lab.com/get_content.php?id=2287