CVE-2022-3209

UNKNOWN 0.0

Soledad < 8.2.5 - Reflected Cross-site Scripting

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The soledad WordPress theme before 8.2.5 does not sanitise the {id,datafilter[type],...} parameters in its penci_more_slist_post_ajax AJAX action, leading to a Reflected Cross-Site Scripting (XSS) vulnerability.

CWE	CWE-79
Vendor	unknown
Product	soledad
Published	Oct 10, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for unknown soledad

Be the first to know when new unknown vulnerabilities affecting unknown soledad are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / soledad

8.2.5 < 8.2.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/7a244fb1-fa0b-4294-9b51-588bf5d673a2

Credits

Truoc Phan