Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:53 p.m.4 views

CVE-2022-2328

The Flexi Quote Rotator WordPress plugin through 0.9.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6AI score0.00511EPSS
Exploits2References1
NVD
NVD
added 2022/08/01 1:15 p.m.14 views

CVE-2022-2328

The Flexi Quote Rotator WordPress plugin through 0.9.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.00511EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/08/01 12:52 p.m.30 views

CVE-2022-2328 Flexi Quote Rotator <= 0.9.4 - Admin+ Stored Cross-Site Scripting

The Flexi Quote Rotator WordPress plugin through 0.9.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.00511EPSS
Exploits2References1
CVE
CVE
added 2022/08/01 12:52 p.m.52 views

CVE-2022-2328

Summary of CVE-2022-2328 : The Flexi Quote Rotator WordPress plugin (versions ≤ 0.9.4) does not sanitise or escape its settings, enabling stored Cross-Site Scripting for high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Multiple sources confirm the vulnerability as an a...

4.8CVSS4.7AI score0.00511EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder