Vulnerabilities > CVE-2022-29413 - Unspecified vulnerability in Hermit Project Hermit 3.1.6
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress via &title parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
References
- https://patchstack.com/database/vulnerability/hermit/wordpress-hermit-plugin-3-1-6-cross-site-request-forgery-csrf-leading-to-stored-cross-site-scripting-xss-vulnerability
- https://patchstack.com/database/vulnerability/hermit/wordpress-hermit-plugin-3-1-6-cross-site-request-forgery-csrf-leading-to-stored-cross-site-scripting-xss-vulnerability
- https://wordpress.org/plugins/hermit/
- https://wordpress.org/plugins/hermit/