Lucene search

K
prionPRIOn knowledge basePRION:CVE-2022-4451
HistoryJan 16, 2023 - 4:15 p.m.

Cross site scripting

2023-01-1616:15:00
PRIOn knowledge base
www.prio-n.com
6
wordpress
plugin
cross-site scripting
validation
stored attack
low role
high privilege

0.001 Low

EPSS

Percentile

23.5%

The Social Sharing WordPress plugin before 3.3.45 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.

CPENameOperatorVersion
sassy_social_sharelt3.3.45

0.001 Low

EPSS

Percentile

23.5%

Related for PRION:CVE-2022-4451