XSS in Ketchup Restaurant Reservations

CVE-2022-2753

The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not sanitise and escape some of the reservation user inputs, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against a logged in admin viewing the mal…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.841 (99.7th percentile)

Affected products

  • Unknown Ketchup Restaurant Reservations — versions 1.0.0

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2022-2753?
CVE-2022-2753 is a vulnerability in Ketchup Restaurant Reservations, classified under Cross-site Scripting. Published 2022-09-19.

Is CVE-2022-2753 known to be exploited?
2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.