4 matches found
CVE-2022-2473
The WP-UserOnline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘templatesbrowsingpagetext' parameter in versions up to, and including, 2.87.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with...
CVE-2022-2473 WP-UserOnline <= 2.87.6 - Authenticated (Admin+) Stored Cross-Site Scripting
The WP-UserOnline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘templatesbrowsingpagetext' parameter in versions up to, and including, 2.87.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with...
CVE-2022-2473
The WP-UserOnline WordPress plugin (versions up to and including 2.87.6) is affected by a Stored Cross-Site Scripting vulnerability in the templates[browsingpage][text] parameter due to insufficient input sanitization and output escaping. Exploitation requires authenticated access with administra...
CVE-2022-2473 WP-UserOnline <= 2.87.6 - Authenticated (Admin+) Stored Cross-Site Scripting
The WP-UserOnline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘templatesbrowsingpagetext' parameter in versions up to, and including, 2.87.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with...