3 matches found
CVE-2022-2936
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Video Link values that can be added to an Image Hover in versions up to, and including, 9.7.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2022-2936
The CVE-2022-2936 issue affects the WordPress plugin Image Hover Effects Ultimate (versions up to and including 9.7.3). It is a Stored Cross-Site Scripting vulnerability caused by insufficient input sanitization and output escaping of Video Link values added to an Image Hover. Authenticated attac...
CVE-2022-2936 Image Hover Effects Ultimate <= 9.7.3 - Authenticated Stored Cross-Site Scripting via Video Link
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Video Link values that can be added to an Image Hover in versions up to, and including, 9.7.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...