mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-07 13:36:56 +00:00
36 lines
1.2 KiB
JSON
36 lines
1.2 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2023-1282",
|
||
|
|
"sourceIdentifier": "contact@wpscan.com",
|
||
|
|
"published": "2023-04-17T13:15:38.123",
|
||
|
|
"lastModified": "2023-04-17T14:06:26.107",
|
||
|
|
"vulnStatus": "Awaiting Analysis",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "The Drag and Drop Multiple File Upload PRO - Contact Form 7 Standard WordPress plugin before 2.11.1 and Drag and Drop Multiple File Upload PRO - Contact Form 7 with Remote Storage Integrations WordPress plugin before 5.0.6.4 do not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admins."
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "contact@wpscan.com",
|
||
|
|
"type": "Primary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-79"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "https://wpscan.com/vulnerability/8a9548c5-59ea-46b0-bfa5-a0f7a259351a",
|
||
|
|
"source": "contact@wpscan.com"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://wpscan.com/vulnerability/f4b2617f-5235-4587-9eaf-d0f6bb23dc27",
|
||
|
|
"source": "contact@wpscan.com"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|