6 matches found
CVE-2022-2799
The Affiliates Manager WordPress plugin before 2.9.14 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
WordPress Affiliates Manager Plugin < 2.9.14 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpaffiliatemanager:affiliatesmanager"; ifdescription...
CVE-2022-2799
creationtimestamp| type| source ---|---|--- 2022-09-16 12:42:00+00:00| seen| https://t.me/cibsecurity/49872...
CVE-2022-2799
The Affiliates Manager WordPress plugin before 2.9.14 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-2799
The CVE-2022-2799 entry concerns the WordPress Affiliates Manager plugin prior to version 2.9.14. The vulnerability arises from insufficient sanitization/escaping of certain settings, enabling stored Cross-Site Scripting by high-privilege users even when unfiltered_html is disallowed. The NVD rep...
CVE-2022-2799 Affiliates Manager < 2.9.14 - Admin+ Stored Cross-Site Scripting
The Affiliates Manager WordPress plugin before 2.9.14 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...