Wondercms: >> Wondercms >> 3.4.1 Security Vulnerabilities
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
CVSS Score
6.1
EPSS Score
0.799
Published
2023-11-07
The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to stored cross-site scripting (XSS) vulnerability. When any user opens a particular blog hosted on an attackers' site, XSS may occur.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-05-23