3 matches found
CVE-2022-0969
The Image optimization & Lazy Load by Optimole WordPress plugin before 3.3.2 does not sanitise and escape its "Lazyload background images for selectors" settings, which could allow high privilege users such as admin to perform Cross-Site scripting attacks even when the unfilteredhtml capability i...
CVE-2022-0969
CVE-2022-0969 affects the WordPress Optimole plugin prior to 3.3.2. The issue is that the settings for “Lazyload background images for selectors” are not properly sanitised/escaped, which could allow high-privilege users (e.g., admins) to perform Cross-Site Scripting even when unfiltered_html is ...
CVE-2022-0969 Image optimization & Lazy Load < 3.3.2 - Admin+ Stored Cross-Site Scripting
The Image optimization & Lazy Load by Optimole WordPress plugin before 3.3.2 does not sanitise and escape its "Lazyload background images for selectors" settings, which could allow high privilege users such as admin to perform Cross-Site scripting attacks even when the unfilteredhtml capability i...