Lucene search
PRIOn knowledge basePRION:CVE-2022-29444HistoryMay 02, 2022 - 8:15 p.m.
Cross site scripting
2022-05-0220:15:00
PRIOn knowledge base
www.prio-n.com
6
0.001 Low
EPSS
Percentile
19.4%
Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability in Cloudways Breeze plugin <= 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wp_ajax_* actions in the class Breeze_Configuration which includes the ability to change any of the plugin’s settings including CDN setting which could be further used for XSS attack.
Related
patchstack
patchstack
wpvulndb
wpvulndb
Breeze < 2.0.3 - Subscriber+ Arbitrary Settings Update to Stored XSS
2022-05-02 00:00:00
openvas
openvas
WordPress Breeze Plugin < 2.0.3 XSS Vulnerability
2022-05-11 00:00:00
nvd
nvd
CVE-2022-29444
2022-05-02 20:15:08
cve
cve
CVE-2022-29444
2022-05-02 20:15:08
cnvd
cnvd
WordPress Cloudways Breeze plugin跨站脚本漏洞
2022-05-07 00:00:00
cvelist
cvelist