5 matches found
CVE-2022-3831
The reCAPTCHA WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3831
The reCAPTCHA WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3831 reCAPTCHA <= 1.6 - Admin+ Stored XSS
The reCAPTCHA WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3831 reCAPTCHA <= 1.6 - Admin+ Stored XSS
The reCAPTCHA WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3831
The CVE-2022-3831 entry refers to the WordPress reCAPTCHA plugin (versions up to 1.6). The root cause is inadequate sanitisation/escaping of certain settings, enabling stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (notably in multisite setups). Connecte...