Vulnerability Description
A vulnerability was found in UDX Stateless Media Plugin 3.1.1 on WordPress. It has been declared as problematic. This vulnerability affects the function setup_wizard_interface of the file lib/classes/class-settings.php. The manipulation of the argument settings leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 3.2.0 is able to address this issue. The patch is identified as 6aee7ae0b0beeb2232ce6e1c82aa7e2041ae151a. It is recommended to upgrade the affected component. VDB-220750 is the identifier assigned to this vulnerability.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Udx | Stateless Media Plugin | 3.1.1 |
Related Weaknesses (CWE)
References
- https://github.com/udx/wp-stateless/commit/6aee7ae0b0beeb2232ce6e1c82aa7e2041ae1Patch
- https://github.com/udx/wp-stateless/pull/630Patch
- https://github.com/udx/wp-stateless/releases/tag/3.2.0Release Notes
- https://vuldb.com/?ctiid.220750Permissions Required
- https://vuldb.com/?id.220750Permissions Required
- https://github.com/udx/wp-stateless/commit/6aee7ae0b0beeb2232ce6e1c82aa7e2041ae1Patch
- https://github.com/udx/wp-stateless/pull/630Patch
- https://github.com/udx/wp-stateless/releases/tag/3.2.0Release Notes
- https://vuldb.com/?ctiid.220750Permissions Required
- https://vuldb.com/?id.220750Permissions Required
FAQ
What is CVE-2022-4905?
CVE-2022-4905 is a vulnerability with a CVSS score of 3.5 (LOW). A vulnerability was found in UDX Stateless Media Plugin 3.1.1 on WordPress. It has been declared as problematic. This vulnerability affects the function setup_wizard_interface of the file lib/classes/...
How severe is CVE-2022-4905?
CVE-2022-4905 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-4905?
Check the references section above for vendor advisories and patch information. Affected products include: Udx Stateless Media Plugin.