CVE-2022-1167 Information
Jun 07, 2022
cve
Description
There are unauthenticated reflected Cross-Site Scripting (XSS) vulnerabilities in CareerUp Careerup WordPress theme before 2.3.1 via the filter parameters.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reference
https://themeforest.net/item/careerup-job-board-wordpress-theme/24002090 https://wpscan.com/vulnerability/a30a1430-c474-4cd1-877c-35c4ab624170 https://m0ze.ru/vulnerability/[2020-06-17]-[WordPress]-[CWE-79]-CareerUp-WordPress-Theme-v2.3.0.txt
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
6.1
Share on: