Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:18 p.m.6 views

CVE-2022-1558

The Curtain WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

4.8CVSS5.7AI score0.00955EPSS
Exploits1References1
NVD
NVD
added 2022/05/23 8:16 a.m.16 views

CVE-2022-1558

The Curtain WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

4.8CVSS0.00955EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/05/23 7:15 a.m.19 views

CVE-2022-1558 Curtain <= 1.0.2 - Admin+ Stored Cross-Site Scripting

The Curtain WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

5AI score0.00955EPSS
Exploits1References2
CVE
CVE
added 2022/05/23 7:15 a.m.58 views

CVE-2022-1558

The CVE-2022-1558 issue affects the Curtain WordPress plugin up to version 1.0.2. The vulnerability arises because certain plugin settings are not properly sanitized and escaped, enabling a Stored Cross-Site Scripting (XSS) attack when the unfiltered_html capability is disallowed. Affected compon...

4.8CVSS4.7AI score0.00955EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder