Wordpress Profile Builder Plugin 漏洞列表
共找到 1 个与 Wordpress Profile Builder Plugin 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2022-0653: Wordpress Profile Builder Plugin Cross-Site Scripting POC
The Profile Builder User Profile & User Registration Forms WordPress plugin is vulnerable to cross-site scripting due to insufficient escaping and sanitization of the site_url parameter found in the ~/assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user clicks on a specially crafted link by an attacker. This affects versions up to and including 3.6.1..