5 matches found
CVE-2022-0876
The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2022-0876
The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2022-0876
The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2022-0876
The CVE-2022-0876 issue affects the WordPress plugin “Social comments by WpDevArt” prior to version 2.5.0. The root cause is failure to sanitize and escape settings, enabling stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Impact describ...
CVE-2022-0876 Social comments by WpDevArt < 2.5.0 - Admin+ Stored Cross-Site Scripting
The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfilteredhtml is disallowed...