2 matches found
CVE-2022-0728 Easy Smooth Scroll Links < 2.23.1 - Admin+ Stored Cross-Site Scripting
The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-0728
The CVE-2022-0728 entry concerns the WordPress plugin Easy Smooth Scroll Links (prior to version 2.23.1). Affected component: plugin settings handling, which are not properly sanitized/escaped. Root cause: unfiltered input in plugin settings enables stored Cross-Site Scripting. Impact: could allo...