3 matches found
CVE-2022-4622 Login Logout Menu <= 1.3.3 - Contributor+ Stored XSS in Shortcode
The Login Logout Menu WordPress plugin through 1.3.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2022-4622
The CVE-2022-4622 issue affects the WordPress plugin Login Logout Menu (versions
WordPress Login Logout Menu Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Login Logout Menu Type Plugin Vulnerable versions = 1.3.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4622 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 93394eba834d Credits Lana Codes Require...