5 matches found
CVE-2022-2239
The Request a Quote WordPress plugin before 2.3.9 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-2239
creationtimestamp| type| source ---|---|--- 2022-07-25 16:33:14+00:00| seen| https://t.me/cibsecurity/46903...
CVE-2022-2239
The Request a Quote WordPress plugin before 2.3.9 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-2239 Request a Quote < 2.3.9 - Admin+ Stored Cross-Site Scripting
The Request a Quote WordPress plugin before 2.3.9 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-2239
The CVE-2022-2239 issue affects the WordPress plugin Request a Quote (pre-2.3.9). Affected component: plugin settings sanitization/escaping; root cause is lack of sanitization and escaping of certain settings, enabling cross-site scripting for high-privilege users (e.g., admins) even when unfilte...