Vector Strings

Severity Score: 5.4
Severity: MEDIUM
Exploitability Score: 2.3
Impact Score: 2.7

Access Vector (AV):
Access Complexity (AC):
Authentication (AU): LOW
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): NONE

Published Date: 2022-12-12
Last Modified: 2023-11-07

CVE-2022-3934

About:
The FlatPM WordPress plugin before 3.0.13 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

References

https://wpscan.com/vulnerability/ab68381f-c4b8-4945-a6a5-1d4d6473b73a

Related CVEs

No related CVEs.

Empower Your Security Strategy with Rainforest

Discover vulnerabilities early, prioritize critical threats, and protect what truly matters. Rainforest streamlines your security operations, saving you time and reducing costs, so you can focus on what drives your business forward.

Book a Demo