Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:35 a.m.9 views

CVE-2022-4243

The ImageInject WordPress plugin through 1.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00532EPSS
Exploits2References1
OSV
OSV
added 2022/12/26 1:15 p.m.6 views

CVE-2022-4243

The ImageInject WordPress plugin through 1.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00532EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/12/26 12:28 p.m.9 views

CVE-2022-4243 ImageInject <= 1.17 - Admin+ Stored XSS

The ImageInject WordPress plugin through 1.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.6AI score0.00532EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/12/26 12:28 p.m.28 views

CVE-2022-4243 ImageInject <= 1.17 - Admin+ Stored XSS

The ImageInject WordPress plugin through 1.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00532EPSS
Exploits2References1
CVE
CVE
added 2022/12/26 12:28 p.m.61 views

CVE-2022-4243

The CVE-2022-4243 vulnerability affects the ImageInject WordPress plugin up to version 1.17, where certain settings are not properly sanitised/escaped. This allows stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as in multisite). Several sources (NV...

4.8CVSS4.7AI score0.00532EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder