3 matches found
CVE-2022-4119
The Image Optimizer, Resizer and CDN WordPress plugin before 6.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2022-4119 Image Optimizer, Resizer and CDN < 6.8.1 - Admin+ Stored XSS
The Image Optimizer, Resizer and CDN WordPress plugin before 6.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2022-4119
The CVE-2022-4119 entry concerns the WordPress plugin Image Optimizer, Resizer and CDN, prior to version 6.8.1. The vulnerability arises because the plugin does not adequately sanitize and escape certain settings, enabling Stored XSS by high-privilege users (such as admins) even when unfiltered_h...