Zercurity data services
  • Expand groupSummary
  • Applications (0)
  • Packages (0)
  • System updates (0)
  • Operating systems (0)

CVE-2022-2384

Description
The Digital Publications by Supsystic WordPress plugin before 1.7.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
  • Risk: 48
CVSSv3
    CVSSv2

      Raw Object

      {
  "uuid": "40137f02-515e-7d15-405a-470b6773535a",
  "name": "CVE-2022-2384",
  "description": "The Digital Publications by Supsystic WordPress plugin before 1.7.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",
  "cvss": null,
  "score": 0,
  "severity": "NONE",
  "cvss3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
  "score3": 4.8,
  "severity3": "MEDIUM",
  "applications": [],
  "packages": [],
  "updates": [],
  "os": [],
  "risk": 48,
  "created_at": "2022-08-15T11:21:00+00:00",
  "updated_at": "2022-08-16T17:45:00+00:00",
  "deleted_at": null
}