Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2022/09/19 2:15 p.m.4 views

CVE-2022-2710

The Scroll To Top WordPress plugin before 1.4.1 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.9AI score0.005EPSS
Exploits2References2
OSV
OSV
added 2022/09/19 2:15 p.m.4 views

CVE-2022-2710

The Scroll To Top WordPress plugin before 1.4.1 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.005EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/09/19 2:0 p.m.36 views

CVE-2022-2710 Scroll To Top < 1.4.1 - Admin+ Stored Cross-Site Scripting

The Scroll To Top WordPress plugin before 1.4.1 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.005EPSS
Exploits2References1
CVE
CVE
added 2022/09/19 2:0 p.m.55 views

CVE-2022-2710

The CVE-2022-2710 entry concerns the WordPress Scroll To Top plugin (versions prior to 1.4.1). The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by insufficient escaping of certain plugin settings, which could let high-privilege users (e.g., admins) execute scripts even when un...

4.8CVSS4.7AI score0.005EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder