4 matches found
CVE-2022-1558
The Curtain WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...
CVE-2022-1558
The Curtain WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...
CVE-2022-1558 Curtain <= 1.0.2 - Admin+ Stored Cross-Site Scripting
The Curtain WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...
CVE-2022-1558
The CVE-2022-1558 issue affects the Curtain WordPress plugin up to version 1.0.2. The vulnerability arises because certain plugin settings are not properly sanitized and escaped, enabling a Stored Cross-Site Scripting (XSS) attack when the unfiltered_html capability is disallowed. Affected compon...