2 matches found
CVE-2022-45375
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in iFeature Slider plugin = 1.2 on WordPress...
CVE-2022-45375
The CVE-2022-45375 entry concerns WordPress iFeature Slider plugin ≤ 1.2, with an Auth. (contributor+) Stored Cross‑Site Scripting (XSS) vulnerability. The root cause is inadequate sanitisation/escaping of input parameters by the plugin, enabling a user with Contributor+ role to inject scripts th...