4 matches found
CVE-2022-1027
The Page Restriction WordPress WP WordPress plugin before 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross-Site Scripting that will only affect administrator users...
CVE-2022-1027
The Page Restriction WordPress WP WordPress plugin before 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross-Site Scripting that will only affect administrator users...
CVE-2022-1027 Page Restriction WordPress < 1.2.7 - Admin+ Stored Cross-Site Scripting
The Page Restriction WordPress WP WordPress plugin before 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross-Site Scripting that will only affect administrator users...
CVE-2022-1027
The CVE concerns the WordPress Page Restriction plugin (before 1.2.7). The vulnerability allows an administrator with settings-page access to inject JavaScript into the plugin’s settings, causing stored XSS that affects administrator users. Root cause: improper handling of input in the settings p...