Lucene search
WPScanCVELIST:CVE-2022-1093HistoryMay 23, 2022 - 7:15 a.m.
CVE-2022-1093 WP Meta SEO < 4.4.7 - Admin+ Stored Cross-Site Scripting via breadcrumbs
2022-05-2307:15:25
CWE-79
WPScan
www.cve.org
3
cve-2022-1093
wp meta seo
stored cross-site scripting
EPSS
0.001
Percentile
24.8%
The WP Meta SEO WordPress plugin before 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed.
CNA Affected
[
{
"product": "WP Meta SEO",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.4.7",
"status": "affected",
"version": "4.4.7",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
WP Meta SEO < 4.4.7 - Admin+ Stored Cross-Site Scripting via breadcrumbs
2022-05-02 00:00:00
nvd
nvd
CVE-2022-1093
2022-05-23 08:16:06
cve
cve
CVE-2022-1093
2022-05-23 08:16:06
patchstack
patchstack
prion
prion
Hardcoded credentials
2022-05-23 08:16:00
wpexploit
wpexploit
WP Meta SEO < 4.4.7 - Admin+ Stored Cross-Site Scripting via breadcrumbs
2022-05-02 00:00:00