4 matches found
CVE-2022-3021
The Slickr Flickr WordPress plugin through 2.8.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-3021
The Slickr Flickr WordPress plugin through 2.8.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-3021 Slickr Flickr <= 2.8.1 - Admin+ Stored Cross-Site Scripting
The Slickr Flickr WordPress plugin through 2.8.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-3021
CVE-2022-3021 affects the Slickr Flickr WordPress plugin up to version 2.8.1. The vulnerability is a stored XSS caused by insufficient sanitization and escaping of plugin settings, exploitable by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Impact is cross-site scr...