2 matches found
CVE-2022-0447
The Post Grid WordPress plugin before 2.1.16 does not sanitise and escape the posttypes parameter before outputting it back in the response of the postgridupdatetaxonomiestermsbyposttypes AJAX action, available to any authenticated users, leading to a Reflected Cross-Site Scripting...
CVE-2022-0447
The CVE-2022-0447 issue affects the WordPress Post Grid plugin prior to version 2.1.16. The vulnerability arises because the post_types parameter is not sanitized/escaped before being echoed in the response of the post_grid_update_taxonomies_terms_by_posttypes AJAX action, which is accessible to ...