2 matches found
CVE-2022-37335 WordPress Word Search Puzzles game plugin <= 2.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated author+ Stored Cross-Site Scripting XSS vulnerability in WHA's Word Search Puzzles game plugin = 2.0.1 at WordPress...
CVE-2022-37335
CVE-2022-37335 affects WHA’s Word Search Puzzles WordPress plugin (versions ≤ 2.0.1). The vulnerability is an authenticated stored cross-site scripting (XSS) issue due to insufficient sanitization/escaping of input in the plugin, enabling an author+ to inject scripts that could affect other users...