3 matches found
CVE-2022-2151
The Best Contact Management Software WordPress plugin through 3.7.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-2151
CVE-2022-2151 affects the WordPress plugin “Best Contact Management Software” up to version 3.7.3. The issue is a failure to sanitize/escape certain plugin settings, enabling stored cross-site scripting (XSS) by high-privilege users (e.g., admin) even when unfiltered_html is disallowed. The vulne...
WordPress plugin Best Contact Management 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...