4 matches found
CVE-2022-3811
The EU Cookie Law for GDPR/CCPA WordPress plugin through 3.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setu...
CVE-2022-3811
creationtimestamp| type| source ---|---|--- 2023-01-23 18:25:18+00:00| seen| https://t.me/cibsecurity/56847...
CVE-2022-3811
CVE-2022-3811 – EU Cookie Law (WordPress) Stored XSS : In versions up to 3.1.6, the plugin does not sanitize/escape certain settings, allowing an admin (high privileged) to execute a stored XSS, even if unfiltered_html is disallowed (e.g., multisite). Connected sources confirm the affected compon...
CVE-2022-3811 EU Cookie Law <= 3.1.6 - Admin+ Stored XSS
The EU Cookie Law for GDPR/CCPA WordPress plugin through 3.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setu...