Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Embed Swagger Project Subscribe
Filtered by product Embed Swagger
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0381 1 Embed Swagger Project 1 Embed Swagger 2022-02-09 4.3 MEDIUM 6.1 MEDIUM
The Embed Swagger WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping/sanitization and validation via the url parameter found in the ~/swagger-iframe.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 1.0.0.