4 matches found
CVE-2022-3829
The Font Awesome 4 Menus WordPress plugin through 4.7.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3829
The Font Awesome 4 Menus WordPress plugin through 4.7.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3829 Font Awesome 4 Menus <= 4.7.0 - Admin+ Stored XSS
The Font Awesome 4 Menus WordPress plugin through 4.7.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3829
CVE-2022-3829 – Font Awesome 4 Menus WordPress plugin (versions ≤ 4.7.0) contains insufficient sanitization/escaping of settings, enabling Stored XSS by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (such as in multisite setups). Affected component is the plugin’s s...