Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:2 p.m.6 views

CVE-2022-0684

The WP Home Page Menu WordPress plugin before 3.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.0067EPSS
Exploits2References1
Circl
Circl
added 2022/03/14 5:18 p.m.6 views

CVE-2022-0684

creationtimestamp| type| source ---|---|--- 2022-03-14 17:18:26+00:00| seen| https://t.me/cibsecurity/38872...

4.8CVSS5.8AI score0.0067EPSS
Exploits2References1
NVD
NVD
added 2022/03/14 3:15 p.m.14 views

CVE-2022-0684

The WP Home Page Menu WordPress plugin before 3.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.0067EPSS
Exploits2References2
CVE
CVE
added 2022/03/14 2:41 p.m.91 views

CVE-2022-0684

CVE-2022-0684 affects the WordPress plugin “WP Home Page Menu” pre-3.1. The vulnerability stems from insufficient sanitisation/escaping of the plugin’s settings, enabling stored Cross-Site Scripting (XSS) by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. The impact i...

4.8CVSS4.7AI score0.0067EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2022/03/14 2:41 p.m.18 views

CVE-2022-0684 WP Home Page Menu < 3.1 - Admin+ Stored Cross-Site Scripting

The WP Home Page Menu WordPress plugin before 3.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.0067EPSS
Exploits2References2
Rows per page
Query Builder