5 matches found
CVE-2022-4509
creationtimestamp| type| source ---|---|--- 2023-01-23 18:25:01+00:00| seen| https://t.me/cibsecurity/56835...
CVE-2022-4509
The Content Control WordPress plugin before 1.1.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high...
CVE-2022-4509 Content Control < 1.1.10 - Contributor+ Stored XSS
The Content Control WordPress plugin before 1.1.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high...
CVE-2022-4509
The CVE-2022-4509 entry concerns the WordPress plugin Content Control, version prior to 1.1.10. The vulnerability is due to inadequate validation/escaping of shortcode attributes, enabling Stored XSS from inputs submitted by users with roles as low as Contributor. Impact targets high-privilege us...
WordPress Content Control Plugin < 1.1.10 is vulnerable to Cross Site Scripting (XSS)
Software Content Control Type Plugin Vulnerable versions 1.1.10 Fixed in 1.1.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4509 Patch priority Medium CVSS severity Medium 6.3 Developer Code Atlantic LLC PSID a16131ad7c93 Credits István Márton...