3 matches found
CVE-2022-1506
The WP Born Babies WordPress plugin through 1.0 does not sanitise and escape some of its fields, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...
CVE-2022-1506
The WP Born Babies WordPress plugin through 1.0 does not sanitise and escape some of its fields, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...
CVE-2022-1506
Summary: CVE-2022-1506 affects the WordPress plugin “WP Born Babies” (versions ≤ 1.0). The issue is stored Cross‑Site Scripting caused by insufficient sanitisation/escaping of several fields. Documents indicate that an attacker with as low as contributor role could trigger XSS, enabling JavaScrip...