Approved changes feed: RSS · Atom

cpe:2.3:a:duogeek:duofaq-responsive-flat-simple-faq:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorDuogeek (b08e79c4-78ac-5492-b85c-75150fa36c67)
ProductDuofaq Responsive Flat Simple Faq (51e37a83-433b-5f22-80bc-8ed1c1452359)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/wp-plugins/duofaq-responsive-flat-simple-faq purl2cpe 2026-06-01 10:12:59.324621

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-39319 vulnerable 2026-06-08 05:33:50.057985 duoFAQ - Responsive, Flat, Simple FAQ <= 1.4.8 Reflected Cross-Site Scripting
MEDIUM (6.1)
The duoFAQ - Responsive, Flat, Simple FAQ WordPess plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/duogeek/duogeek-panel.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.8.
Published: 2021-12-14T15:50:09.401Z
Updated: 2025-02-13T20:47:45.352Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.