3 matches found
CVE-2022-3830 WP Page Builder <= 1.2.8 - Admin+ Stored Cross-Site
The WP Page Builder WordPress plugin through 1.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3830
The CVE-2022-3830 issue affects WP Page Builder
CVE-2022-3830 WP Page Builder <= 1.2.8 - Admin+ Stored Cross-Site
The WP Page Builder WordPress plugin through 1.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...