4 matches found
CVE-2022-4199
The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-4199
creationtimestamp| type| source ---|---|--- 2025-04-04 18:36:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10521...
CVE-2022-4199
The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-4199
CVE-2022-4199 affects the Link Library WordPress plugin (versions prior to 7.4.1). Root cause: the plugin does not sanitise and escape some settings, enabling stored XSS by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (e.g., multisite). Impact: storedCross‑SiteScri...