← voltar
CVE-2022-50797

Stripe Green Downloads Wordpress Plugin 2.03 Persistent XSS via Settings

CVSS 5.1 MEDIUMEPSS 0.4%CWE-79
Stripe Green Downloads Wordpress Plugin 2.03 contains a persistent cross-site scripting vulnerability allowing remote attackers to inject malicious scripts in button label fields. Attackers can exploit input parameters to execute arbitrary scripts, potentially leading to session hijacking and application module manipulation.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Produtos afetados
halfdata · Stripe Green Downloads

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://halfdata.com/green-downloads/stripe/https://www.vulncheck.com/advisories/stripe-green-downloads-wordpress-plugin-persistent-xss-via-settingshttps://www.vulnerability-lab.com/get_content.php?id=2287