5 matches found
CVE-2022-47423
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ulf Benjaminsson WP-dTree plugin = 4.4.5 versions...
CVE-2022-47423
creationtimestamp| type| source ---|---|--- 2023-05-10 14:14:19+00:00| seen| https://t.me/cibsecurity/63734...
CVE-2022-47423
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ulf Benjaminsson WP-dTree plugin = 4.4.5 versions...
CVE-2022-47423
CVE-2022-47423 pertains to the WordPress WP-dTree plugin, affected versions are ≤ 4.4.5. The root cause is a Stored XSS flaw in plugin settings due to insufficient sanitization/escaping, allowing admin+ users to inject malicious content. Public sources corroborate admin-level exposure and note th...
WordPress WP-dTree Plugin <= 4.4.5 is vulnerable to Cross Site Scripting (XSS)
Software WP-dTree Type Plugin Vulnerable versions = 4.4.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47423 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d3bd04fbe505 Credits Justiice Required privilege...