Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.11 views

CVE-2022-0448

The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS5.9AI score0.0632EPSS
Exploits5References1
NVD
NVD
added 2022/03/07 9:15 a.m.43 views

CVE-2022-0448

The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS0.0632EPSS
Exploits5References1
CVE
CVE
added 2022/03/07 8:16 a.m.105 views

CVE-2022-0448

The CVE-2022-0448 issue affects the WordPress CP Blocks plugin prior to 1.0.15. A stored Cross-Site Scripting vulnerability arises because the plugin does not sanitize or escape the License ID setting, potentially allowing high-privilege users to inject script even when unfiltered_html is disallo...

4.8CVSS4.7AI score0.0632EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2022/03/07 8:16 a.m.34 views

CVE-2022-0448 CP Blocks < 1.0.15 - Admin+ Stored Cross-Site Scripting

The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

5AI score0.0632EPSS
Exploits5References1
0day.today
0day.today
added 2022/02/08 12:0 a.m.216 views

WordPress CP Blocks 1.0.14 Plugin - Stored Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting XSS Exploit Author: Shweta Mahajan Vendor Homepage: https://wordpress.org/plugins/cp-blocks/ Software Link: https://wordpress.org/plugins/cp-blocks/ Tested on Windows CVE: CVE-2022-0448 Reference:...

4.8CVSS0.2AI score0.0632EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/02/08 12:0 a.m.209 views

WordPress CP Blocks 1.0.14 Cross Site Scripting

Exploit Title: WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting XSS Date: 2022-02-02 Exploit Author: Shweta Mahajan Vendor Homepage: https://wordpress.org/plugins/cp-blocks/ Software Link: https://wordpress.org/plugins/cp-blocks/ Tested on Windows CVE: CVE-2022-0448 Reference:...

0.0632EPSS
Exploits5
Rows per page
Query Builder