Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/22 11:11 p.m.3 views

CVE-2022-3220

The Advanced Comment Form WordPress plugin before 1.2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6.2AI score0.0047EPSS
Exploits2References1
nvd
nvd
added 2022/10/10 9:15 p.m.14 views

CVE-2022-3220

The Advanced Comment Form WordPress plugin before 1.2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.0047EPSS
Exploits2References1
cve
cve
added 2022/10/10 12:0 a.m.64 views

CVE-2022-3220

CVE-2022-3220 concerns the WordPress plugin Advanced Comment Form prior to version 1.2.1, where the plugin does not sanitize or escape its settings. This allows high-privilege users (e.g., admins) to perform cross-site scripting attacks, even when the unfiltered_html capability is disallowed. Aff...

4.8CVSS4.8AI score0.0047EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2022/10/10 12:0 a.m.19 views

CVE-2022-3220 Advanced Comment Form < 1.2.1 - Admin+ Authenticated Stored XSS

The Advanced Comment Form WordPress plugin before 1.2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5.1AI score0.0047EPSS
Exploits2References1
Rows per page
Query Builder