4 matches found
CVE-2022-0271
The LearnPress WordPress plugin before 4.1.6 does not sanitise and escape the lp-dismiss-notice before outputting it back via the lpbackgroundsingleemail AJAX action, leading to a Reflected Cross-Site Scripting...
CVE-2022-0271
creationtimestamp| type| source ---|---|--- 2022-04-11 18:16:19+00:00| seen| https://t.me/cibsecurity/40478...
CVE-2022-0271
The CVE-2022-0271 entry concerns the WordPress LearnPress plugin and affects versions before 4.1.6. The underlying issue is insufficient sanitization/escaping of the lp-dismiss-notice before it is rendered back through the lp_background_single_email AJAX action, resulting in a Reflected Cross-Sit...
CVE-2022-0271 LearnPress < 4.1.6 - Reflected Cross-Site Scripting
The LearnPress WordPress plugin before 4.1.6 does not sanitise and escape the lp-dismiss-notice before outputting it back via the lpbackgroundsingleemail AJAX action, leading to a Reflected Cross-Site Scripting...