4 matches found
CVE-2022-1915
The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2022-1915
The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2022-1915
The CVE-2022-1915 entry concerns the WordPress plugin WP Zillow Review Slider, affected in versions before 2.4. The vulnerability is a Cross-Site Scripting flaw caused by improper escaping of a settings field, which could allow high-privilege users to inject JavaScript (even when unfiltered_html ...
CVE-2022-1915 WP Zillow Review Slider < 2.4 - Admin+ Stored Cross-Site Scripting
The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...