Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:13 p.m.11 views

CVE-2022-1113

The Flower Delivery by Florist One WordPress plugin through 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setups...

4.8CVSS5.6AI score0.00552EPSS
Exploits2References1
NVD
NVD
added 2022/06/27 9:15 a.m.24 views

CVE-2022-1113

The Flower Delivery by Florist One WordPress plugin through 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setups...

4.8CVSS0.00552EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/06/27 8:56 a.m.23 views

CVE-2022-1113 Flower Delivery by Florist One <= 3.7 - Admin+ Stored Cross-Site Scripting

The Flower Delivery by Florist One WordPress plugin through 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setups...

4.9AI score0.00552EPSS
Exploits2References1
CVE
CVE
added 2022/06/27 8:56 a.m.82 views

CVE-2022-1113

The CVE-2022-1113 entry concerns the WordPress plugin “Flower Delivery by Florist One” (versions up to 3.7). The vulnerability arises because the plugin does not sanitize and escape several settings, enabling Stored Cross-Site Scripting (Stored XSS) by high-privilege users (e.g., admins) when the...

4.8CVSS4.6AI score0.00552EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder