CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-0647

The Bulk Creator WordPress plugin through 1.0.1 does not sanitize and escape the post_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.4%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://wpscan.com/vulnerability/4a585d5f-72ba-43e3-b04f-8b3e1b84444a
https://wpscan.com/vulnerability/4a585d5f-72ba-43e3-b04f-8b3e1b84444a

Products affected by CVE-2022-0647

Bulk Creator Project » Bulk Creator » Version: Any

cpe:2.3:a:bulk_creator_project:bulk_creator:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-0647

Products

Pricing

Contact Us