CVE-2022-4005

CVSS V2 None CVSS V3 None
Description
The Donation Button WordPress plugin through 4.0.0 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.
Overview
  • CVE ID
  • CVE-2022-4005
  • Assigner
  • contact@wpscan.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-12T18:15:13
  • Last Modified Date
  • 2022-12-15T15:14:52
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:donation_button_project:donation_button:*:*:*:*:*:wordpress:*:* 1 OR 4.0.0
History
Created Old Value New Value Data Type Notes
2022-12-12 18:18:17 Added to TrackCVE
2022-12-12 19:16:04 2022-12-12T18:15:13.023 2022-12-12T18:15:13 CVE Published Date updated
2022-12-12 19:16:04 2022-12-12T18:17:59 CVE Modified Date updated
2022-12-12 19:16:04 Received Awaiting Analysis Vulnerability Status updated
2022-12-13 01:15:16 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-13 02:15:08 Undergoing Analysis Awaiting Analysis Vulnerability Status updated
2022-12-13 15:15:06 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-15 16:17:47 2022-12-15T15:14:52 CVE Modified Date updated
2022-12-15 16:17:47 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-15 16:17:47 CPE Information updated