7 matches found
CVE-2022-37404
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Christian Salazar's add2fav plugin = 1.0 at WordPress...
CVE-2022-37404
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Christian Salazar's add2fav plugin = 1.0 at WordPress...
CVE-2022-37404
CVE-2022-37404 concerns WordPress add2fav plugin version ≤ 1.0, where an admin+ user can trigger an authenticated Stored Cross-Site Scripting (XSS) vulnerability. The trusted attacker’s input is not sufficiently sanitised/escaped in plugin settings, enabling script execution within authenticated ...
CVE-2022-37404 WordPress add2fav plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Christian Salazar's add2fav plugin = 1.0 at WordPress...
PT-2022-23976 · Christian Salazar · Add2Fav Plugin
Name of the Vulnerable Software and Affected Versions: Christian Salazar's add2fav plugin version 1.0 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin privileges can inject malicious scripts int...
WordPress plugin add2fav 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress add2fav plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress add2fav plugin versions = 1.0. Solution No patched version available...