3 matches found
CVE-2022-4453
The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks against high privilege users like...
CVE-2022-4453 3D FlipBook <= 1.13.2 - Contributor+ Stored XSS
The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks against high privilege users like...
CVE-2022-4453
The CVE-2022-4453 issue affects the WordPress plugin 3D FlipBook up to version 1.13.2 (and earlier). The vulnerability arises from not validating/escaping certain shortcode attributes before output, enabling Stored XSS where a user with as little as Contributor privileges can target high-privileg...