Lucene search
PRIOn knowledge basePRION:CVE-2022-4669HistoryFeb 21, 2023 - 9:15 a.m.
Cross site scripting
2023-02-2109:15:00
PRIOn knowledge base
www.prio-n.com
3
cross-site scripting
live composer wordpress plugin
stored
vulnerability
shortcode
escaping
contributor role
nvd
0.001 Low
EPSS
Percentile
21.2%
The Page Builder: Live Composer WordPress plugin before 1.5.23 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Related
wpvulndb
wpvulndb
Page Builder: Live Composer < 1.5.23 - Contributor+ Stored XSS via Shortcode
2023-01-24 00:00:00
cve
cve
CVE-2022-4669
2023-02-21 09:15:10
nvd
nvd
CVE-2022-4669
2023-02-21 09:15:10
wpexploit
wpexploit
Page Builder: Live Composer < 1.5.23 - Contributor+ Stored XSS via Shortcode
2023-01-24 00:00:00
cvelist
cvelist
fedora
fedora
[SECURITY] Fedora 36 Update: webkit2gtk3-2.38.3-1.fc36
2022-12-31 01:17:03
[SECURITY] Fedora 37 Update: webkitgtk-2.38.3-2.fc37
2022-12-27 01:13:43