5 matches found
CVE-2022-4650
creationtimestamp| type| source ---|---|--- 2023-01-23 18:31:10+00:00| seen| https://t.me/cibsecurity/56852 2025-04-03 19:35:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10334...
CVE-2022-4650
The HashBar WordPress plugin before 1.3.6 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-4650 HashBar – WordPress Notification Bar < 1.3.6 - Contributor+ Stored XSS via Shortcode
The HashBar WordPress plugin before 1.3.6 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-4650
The CVE-2022-4650 entry concerns the HashBar WordPress plugin prior to version 1.3.6. Affected component: the shortcode attribute handling in the plugin’s output path. Root cause: lack of validation and escaping for a specific shortcode attribute, enabling Stored Cross-Site Scripting (Stored XSS)...
CVE-2022-4650 HashBar – WordPress Notification Bar < 1.3.6 - Contributor+ Stored XSS via Shortcode
The HashBar WordPress plugin before 1.3.6 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...