2 matches found
CVE-2022-4619
The CVE-2022-4619 entry refers to the WordPress plugin Sidebar Widgets by CodeLights. A stored cross-site scripting vulnerability exists in versions up to 1.4 due to insufficient input sanitization and output escaping in the Extra CSS class parameter. Impact applies to multisite installations and...
CVE-2022-4619 Sidebar Widgets by CodeLights <= 1.4 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Sidebar Widgets by CodeLights plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Extra CSS class’ parameter in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...