6.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD
Description
The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS
Affected (1)
Products: Ibenic: Simple Giveaways
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.36.2 |
References (4)
Source: contact@wpscan.com
ExploitThird Party Advisory
Source: contact@wpscan.com
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Timeline
No history available yet.