Lucene search
WPScanCVELIST:CVE-2022-4199HistoryJan 16, 2023 - 3:37 p.m.
CVE-2022-4199 Link Library < 7.4.1 - Admin+ Stored XSS
2023-01-1615:37:51
WPScan
www.cve.org
wordpress
plugin
stored xss
admin
cross-site scripting
capability
The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CNA Affected
[
{
"vendor": "Unknown",
"product": "Link Library",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "7.4.1"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
prion
prion
Cross site scripting
2023-01-16 16:15:00
wpvulndb
wpvulndb
Link Library < 7.4.1 - Admin+ Stored XSS
2022-12-23 00:00:00
cve
cve
CVE-2022-4199
2023-01-16 16:15:11
wpexploit
wpexploit
Link Library < 7.4.1 - Admin+ Stored XSS
2022-12-23 00:00:00
nvd
nvd
CVE-2022-4199
2023-01-16 16:15:11
fedora
fedora
[SECURITY] Fedora 36 Update: OpenImageIO-2.3.21.0-1.fc36
2022-12-31 01:17:01
openvas
openvas
Fedora: Security Advisory for OpenImageIO (FEDORA-2022-e63bc3eca2)
2022-12-31 00:00:00
nessus
nessus
Fedora 36 : OpenImageIO (2022-e63bc3eca2)
2022-12-31 00:00:00