5 matches found
CVE-2022-0662
The AdRotate WordPress plugin before 5.8.23 does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-0662
creationtimestamp| type| source ---|---|--- 2022-05-02 20:28:12+00:00| seen| https://t.me/cibsecurity/41743...
CVE-2022-0662
The AdRotate WordPress plugin before 5.8.23 does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-0662
CVE-2022-0662 affects the WordPress AdRotate plugin prior to 5.8.23. The vulnerability arises because Advert Names are not properly sanitized/escaped, enabling a high-privilege user to perform Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed. The issue is ...
CVE-2022-0662 Adrotate < 5.8.23 - Admin+ XSS via Advert Name
The AdRotate WordPress plugin before 5.8.23 does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...