3 matches found
CVE-2022-1217
The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHPSELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting...
CVE-2022-1217
CVE-2022-1217 affects the WordPress plugin Custom TinyMCE Shortcode Button (
CVE-2022-1217 Custom TinyMCE Shortcode Button <= 1.1 - Reflected Cross-Site Scripting
The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHPSELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting...