4 matches found
CVE-2022-4307
The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...
CVE-2022-4307 Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS
The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...
CVE-2022-4307 Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS
The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...
CVE-2022-4307
CVE-2022-4307 affects the Pardakht Delkhah WordPress plugin prior to 2.9.3. The plugin fails to sanitise/escape several parameters, enabling unauthenticated attackers to craft requests containing XSS payloads that are triggered when a high-privilege user (e.g., admin) visits a plugin page. Report...