CVE-2022-2655

UNKNOWN 0.0

Classified Listing Pro < 2.0.20 - Reflected Cross-Site Scripting

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The Classified Listing Pro WordPress plugin before 2.0.20 does not escape a generated URL before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

CWE	CWE-79
Vendor	unknown
Product	classified listing pro - classified ads & business directory plugin
Published	Sep 16, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for unknown classified listing pro - classified ads & business directory plugin

Be the first to know when new unknown vulnerabilities affecting unknown classified listing pro - classified ads & business directory plugin are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Classified Listing Pro - Classified ads & Business Directory Plugin

2.0.20 < 2.0.20

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/acc9675a-56f6-411a-9594-07144c2aad1b

Credits

Team ISH Tecnologia (Thiago Martins Jorge Buzeti Leandro Inacio Lucas de Souza Matheus Oliveira Filipe Baptistella Leonardo Paiva Jose Thomaz Joao Maciel Vinicius Pereira Geovanni Campos Hudson Nowak Guilherme Acerbi) and Islan Ferreira.