Lucene search
PRIOn knowledge basePRION:CVE-2022-3922HistoryDec 28, 2022 - 11:15 a.m.
Cross site scripting
2022-12-2811:15:00
PRIOn knowledge base
www.prio-n.com
5
wordpress
plugin
vulnerability
stored cross-site scripting
settings
multisite
0.001 Low
EPSS
Percentile
23.5%
The Broken Link Checker WordPress plugin before 1.11.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
| CPE | Name | Operator | Version |
|---|---|---|---|
| broken_link_checker | lt | 1.11.20 |
Related
wpvulndb
wpvulndb
Broken Link Checker < 1.11.20 - Admin+ Cross-Site Scripting
2022-11-11 00:00:00
cve
cve
CVE-2022-3922
2022-12-28 11:15:09
nvd
nvd
CVE-2022-3922
2022-12-28 11:15:09
cvelist
cvelist
CVE-2022-3922 Broken Link Checker < 1.11.20 - Admin+ Cross-Site Scripting
2022-12-28 10:37:25
openvas
openvas
WordPress Broken Link Checker Plugin < 1.11.20 XSS Vulnerability
2023-01-02 00:00:00
wpexploit
wpexploit
Broken Link Checker < 1.11.20 - Admin+ Cross-Site Scripting
2022-11-11 00:00:00