CVE-2022-45816

Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress Attachments plugin <= 4.3.1 on WordPress.

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

References

Link	Resource
https://patchstack.com/database/vulnerability/gd-bbpress-attachments/wordpress-gd-bbpress-attachments-plugin-4-3-1-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:dev4press:gd_bbpress_attachments:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-12-06 14:15

Updated : 2022-12-07 12:07

NVD link : CVE-2022-45816

Mitre link : CVE-2022-45816

JSON object : View

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Products Affected

dev4press