3 matches found
CVE-2022-1567
The WP-JS plugin for WordPress contains a script called wp-js.php with the function wpjsadmin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6...
CVE-2022-1567 WP JS <= 2.0.6 - Reflected Cross-Site Scripting
The WP-JS plugin for WordPress contains a script called wp-js.php with the function wpjsadmin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6...
CVE-2022-1567
The CVE-2022-1567 entry concerns the WP-JS WordPress plugin. The wp-js.php script contains the wp_js_admin function which accepts unvalidated user input and echoes it back, enabling reflected Cross-Site Scripting in plugin versions up to and including 2.0.6. The affected component is the wp-js.ph...