Lucene search
PRIOn knowledge basePRION:CVE-2022-4451HistoryJan 16, 2023 - 4:15 p.m.
Cross site scripting
2023-01-1616:15:00
PRIOn knowledge base
www.prio-n.com
8
wordpress
plugin
cross-site scripting
validation
stored attack
low role
high privilege
EPSS
0.001
Percentile
23.3%
The Social Sharing WordPress plugin before 3.3.45 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
Related
cve
cve
CVE-2022-4451
2023-01-16 16:15:11
wpvulndb
wpvulndb
Sassy Social Share < 3.3.45 - Contributor+ Stored XSS
2022-12-27 00:00:00
nvd
nvd
CVE-2022-4451
2023-01-16 16:15:11
cvelist
cvelist
CVE-2022-4451 Sassy Social Share < 3.3.45 - Contributor+ Stored XSS
2023-01-16 15:38:06
openvas
openvas
WordPress Sassy Social Share Plugin < 3.3.45 XSS Vulnerability
2023-01-18 00:00:00
wpexploit
wpexploit
Sassy Social Share < 3.3.45 - Contributor+ Stored XSS
2022-12-27 00:00:00