3 matches found
CVE-2022-40195
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in PCA Predict plugin = 1.0.3 at WordPress...
CVE-2022-40195 WordPress PCA Predict plugin <= 1.0.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in PCA Predict plugin = 1.0.3 at WordPress...
CVE-2022-40195
CVE-2022-40195 affects the WordPress PCA Predict plugin (versions <= 1.0.3). The vulnerability is an authenticated Stored XSS (admin+ level) due to insufficient sanitization/escaping of settings, enabling stored script execution. Evidence across sources confirms admin-priority access and the X...