CVE-2022-43500

Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7.

Link	Resource
https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/	Patch Release Notes
https://jvn.jp/en/jp/JVN09409909/index.html	Third Party Advisory
https://wordpress.org/download/	Product

Configuration 1

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

---

Published : 2022-12-05 04:15

Updated : 2023-02-03 04:58

---

NVD link : CVE-2022-43500

Mitre link : CVE-2022-43500

No products.

CWE-79