3 matches found
CVE-2022-2169
The Loading Page with Loading Screen WordPress plugin before 1.0.83 does not escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-2169 Loading Page with Loading Screen < 1.0.83 - Admin+ Stored Cross-Site Scripting
The Loading Page with Loading Screen WordPress plugin before 1.0.83 does not escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-2169
CVE-2022-2169 affects the WordPress Loading Page with Loading Screen plugin prior to version 1.0.83. The vulnerability arises because the plugin does not escape certain settings, enabling stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. The issue is trigg...