Lucene search
+L

4 matches found

NVD
NVD
added 2022/05/02 8:15 p.m.18 views

CVE-2022-29444

Plugin Settings Change leading to Cross-Site Scripting XSS vulnerability in Cloudways Breeze plugin = 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wpajax actions in the class BreezeConfiguration which includes the ability to change any of the plugin'...

6.5CVSS0.00538EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/05/02 7:3 p.m.7 views

CVE-2022-29444 WordPress Breeze plugin <= 2.0.2 - Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability

Plugin Settings Change leading to Cross-Site Scripting XSS vulnerability in Cloudways Breeze plugin = 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wpajax actions in the class BreezeConfiguration which includes the ability to change any of the plugin'...

6.5CVSS6AI score0.00538EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/05/02 7:3 p.m.19 views

CVE-2022-29444 WordPress Breeze plugin <= 2.0.2 - Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability

Plugin Settings Change leading to Cross-Site Scripting XSS vulnerability in Cloudways Breeze plugin = 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wpajax actions in the class BreezeConfiguration which includes the ability to change any of the plugin'...

6.5CVSS6.1AI score0.00538EPSS
Exploits0References2
CVE
CVE
added 2022/05/02 7:3 p.m.86 views

CVE-2022-29444

Cloudways Breeze WordPress plugin vulnerability CVE-2022-29444 affects versions up to 2.0.2. The issue is an XSS flaw caused by insufficient authorization and input handling in Breeze_Configuration, allowing a user with subscriber or higher role to trigger wp_ajax_* actions and modify plugin sett...

6.5CVSS5.4AI score0.00538EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder