Lucene search
K

24 matches found

ATTACKERKB
ATTACKERKB
added 2022/07/17 11:15 a.m.5 views

CVE-2022-2186

The Simple Post Notes WordPress plugin before 1.7.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.00493EPSS
Exploits2References2
CVE
CVE
added 2022/07/17 10:37 a.m.74 views

CVE-2022-2186

The CVE-2022-2186 entry concerns the WordPress Simple Post Notes plugin prior to 1.7.6. The issue is a stored cross-site scripting (XSS) vulnerability caused by failure to sanitize and escape plugin settings, enabling high-privilege users (e.g., admins) to perform XSS even when unfiltered_html is...

4.8CVSS4.7AI score0.00493EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/07/17 12:0 a.m.3 views

WordPress plugin Simple Post Notes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS5AI score0.00493EPSS
Exploits2References2
Patchstack
Patchstack
added 2022/06/27 12:0 a.m.24 views

WordPress Simple Post Notes plugin <= 1.7.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Sachin Kumar eSec Forte Technologies Pvt Ltd in WordPress Simple Post Notes plugin versions = 1.7.5. Solution Update the WordPress Simple Post Notes plugin to the latest available version at least 1.7.6...

4.8CVSS1.7AI score0.00493EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder