3 matches found
CVE-2022-0702
creationtimestamp| type| source ---|---|--- 2022-03-14 17:23:40+00:00| seen| https://t.me/cibsecurity/38881...
CVE-2022-0702
The Petfinder Listings WordPress plugin through 1.0.18 does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-0702
CVE-2022-0702 affects the WordPress Petfinder Listings plugin up to version 1.0.18 (and reported through 1.0.19 by PatchStack). The vulnerability stems from not escaping the plugin’s settings, enabling stored Cross-Site Scripting (XSS) by high-privilege users (e.g., admins) even when unfiltered_h...