Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.8
CVSSv3

CVE-2022-3070

Published: 26/09/2022 Updated: 27/09/2022
CVSS v3 Base Score: 4.8 | Impact Score: 2.7 | Exploitability Score: 1.7
VMScore: 0
Subscribe to Zealousweb

Vulnerability Summary

The Generate PDF WordPress plugin prior to 3.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

zealousweb generate pdf using contact form 7

References

CWE-79https://wpscan.com/vulnerability/cd8d71d1-030e-4ad4-866e-75d242883c6chttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook