Cross site scripting

2022-06-1313:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

24.8%

JSON

The Slideshow CK WordPress plugin before 1.4.10 does not sanitize and escape Slide’s descriptions, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed

CPENameOperatorVersion
slideshow_ckle1.4.10

CPE	Name	Operator	Version
	slideshow_ck	le	1.4.10

References

wpscan.com/vulnerability/cfc80857-8674-478f-9604-7a8849e5b85e

0.001 Low

EPSS

Percentile

24.8%

JSON

Related for PRION:CVE-2022-1335