5 matches found
CVE-2022-1750
The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popuptitle' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities an...
CVE-2022-1750
The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popuptitle' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities an...
CVE-2022-1750 Sticky Popup <= 1.2 - Authenticated (Admin+) Stored Cross-Site Scripting
The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popuptitle' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities an...
CVE-2022-1750 Sticky Popup <= 1.2 - Authenticated (Admin+) Stored Cross-Site Scripting
The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popuptitle' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities an...
WordPress plugin Sticky Popup 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Sticky Popup plugin 1.2 and earlier versions have a cross-site scripting vulnerability, whi...