PT-2022-7981 · WordPress · Easy Table Plugin

Manuel Garcia Cardenas

Published

2022-06-29

Updated

2022-07-07

CVE-2017-20108

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Easy Table Plugin version 1.6

Description A problematic issue has been found in the Easy Table Plugin, affecting an unknown part of the file /wordpress/wp-admin/options-general.php. The manipulation with the input "> leads to basic cross site scripting. It is possible to initiate the attack remotely.

Recommendations For Easy Table Plugin version 1.6, consider disabling access to the /wordpress/wp-admin/options-general.php file until a patch is available. Restrict input to prevent cross-site scripting attacks.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-80CWE-79

Related Identifiers

CVE-2017-20108

Affected Products

Easy Table Plugin

PT-2022-7981 · WordPress · Easy Table Plugin

CVE-2017-20108

Weakness Enumeration

Related Identifiers

Affected Products

References · 5