Polylang
1 CVEs
product
Monthly
Cross-site scripting (XSS) vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
XSS
WordPress
Polylang
NVD
CVSS 2.0
4.3
EPSS
0.2%
EPSS 0%
CVSS 4.3
MEDIUM
PATCH
This Month
Cross-site scripting (XSS) vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
XSS
WordPress
Polylang
NVD