Lucene search
PRIOn knowledge basePRION:CVE-2022-4260HistoryJan 02, 2023 - 10:15 p.m.
Cross site scripting
2023-01-0222:15:00
PRIOn knowledge base
www.prio-n.com
2
wp-ban plugin
stored cross-site scripting
high privilege users
security restrictions
admin
disallowed capability
0.001 Low
EPSS
Percentile
39.7%
The WP-Ban WordPress plugin before 1.69.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Related
nvd
nvd
CVE-2022-4260
2023-01-02 22:15:16
nuclei
nuclei
WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting
2022-12-26 00:32:40
cve
cve
CVE-2022-4260
2023-01-02 22:15:16
cvelist
cvelist
CVE-2022-4260 WP-Ban < 1.69.1 - Admin+ Stored XSS
2023-01-02 21:49:42
wpvulndb
wpvulndb
WP-Ban < 1.69.1 - Admin+ Stored XSS
2022-12-06 00:00:00
wpexploit
wpexploit
WP-Ban < 1.69.1 - Admin+ Stored XSS
2022-12-06 00:00:00