The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/85e32913-dc2a-44c9-addd-7abde618e995/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2024-01-16T15:53:36.500Z
Updated: 2024-01-16T15:53:36.500Z
Reserved: 2022-09-13T10:02:00.257Z
Link: CVE-2022-3194
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-16T16:15:09.883
Modified: 2024-01-24T15:55:36.690
Link: CVE-2022-3194
JSON object: View
Redhat Information
No data.
CWE