CVE-2022-29452

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

4.8MEDIUM

EPSS

0.3%

top 46.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Atlas Gondal Export ALL Urls (wordpress Plugin)Atlasgondal Export ALL Urls

Timeline

PublishedJun 15

Latest updateJun 16

Description

Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:NExploitability: 1.7 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5atlas_gondal/export_all_urls_(wordpress_plugin)4.1

▶NVDatlasgondal/export_all_urls4.1

🔴Vulnerability Details

GHSA

GHSA-v4c7-53jg-7x9j: Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4↗2022-06-16

▶

CVEList

WordPress Export All URLs plugin <= 4.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability↗2022-06-15

▶