CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-4791

The Product Slider and Carousel with Category for WooCommerce WordPress plugin before 2.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.1%

CVSS Severity

CVSS v3 Score 5.4

References

https://wpscan.com/vulnerability/0a6e4c45-3f6d-4150-9546-141c2e3a1782
https://wpscan.com/vulnerability/0a6e4c45-3f6d-4150-9546-141c2e3a1782

Products affected by CVE-2022-4791

Essentialplugin » Product Slider And Carousel With Category With Woocommerce » Version: Any

cpe:2.3:a:essentialplugin:product_slider_and_carousel_with_category_with_woocommerce:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4791

Products

Pricing

Contact Us