3 matches found
CVE-2022-4112
The Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-4112 Quizlord <= 2.0 - Admin+ Stored XSS
The Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-4112
The CVE-2022-4112 case concerns the Quizlord WordPress plugin (versions through 2.0). Affected component: plugin settings not sanitised/escaped, enabling Stored XSS by high-privilege users (e.g., admin) even when unfiltered_html is disallowed (multisite). Impact is described as admin-level XSS wi...