4 matches found
CVE-2022-29444
Plugin Settings Change leading to Cross-Site Scripting XSS vulnerability in Cloudways Breeze plugin = 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wpajax actions in the class BreezeConfiguration which includes the ability to change any of the plugin'...
CVE-2022-29444 WordPress Breeze plugin <= 2.0.2 - Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability
Plugin Settings Change leading to Cross-Site Scripting XSS vulnerability in Cloudways Breeze plugin = 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wpajax actions in the class BreezeConfiguration which includes the ability to change any of the plugin'...
CVE-2022-29444 WordPress Breeze plugin <= 2.0.2 - Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability
Plugin Settings Change leading to Cross-Site Scripting XSS vulnerability in Cloudways Breeze plugin = 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wpajax actions in the class BreezeConfiguration which includes the ability to change any of the plugin'...
CVE-2022-29444
Cloudways Breeze WordPress plugin vulnerability CVE-2022-29444 affects versions up to 2.0.2. The issue is an XSS flaw caused by insufficient authorization and input handling in Breeze_Configuration, allowing a user with subscriber or higher role to trigger wp_ajax_* actions and modify plugin sett...