3 matches found
CVE-2022-3610
CVE-2022-3610 affects the WordPress Jeeng Push Notifications plugin (versions before 2.0.4). The vulnerability arises because the plugin does not sanitize and escape certain settings, which could allow high-privilege users (e.g., admins) to perform Stored Cross-Site Scripting even when unfiltered...
CVE-2022-3610 Jeeng Push Notifications < 2.0.4 - Admin+ Stored Cross-Site Scripting
The Jeeng Push Notifications WordPress plugin before 2.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3610 Jeeng Push Notifications < 2.0.4 - Admin+ Stored Cross-Site Scripting
The Jeeng Push Notifications WordPress plugin before 2.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...