Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:20 a.m.7 views

CVE-2022-4625

The Login Logout Menu WordPress plugin before 1.4.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.4CVSS5.9AI score0.00534EPSS
Exploits2References1
NVD
NVD
added 2023/01/23 3:15 p.m.28 views

CVE-2022-4625

The Login Logout Menu WordPress plugin before 1.4.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.4CVSS5.3AI score0.00534EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/01/23 2:31 p.m.7 views

CVE-2022-4625 Login Logout Menu < 1.4.0 - Contributor+ Stored XSS in Shortcode

The Login Logout Menu WordPress plugin before 1.4.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

6.1AI score0.00534EPSS
Exploits2References1
CVE
CVE
added 2023/01/23 2:31 p.m.58 views

CVE-2022-4625

The vulnerability CVE-2022-4625 affects the WordPress plugin Login Logout Menu prior to version 1.4.0. The issue stems from not validating and escaping certain shortcode attributes before outputting them, enabling Stored Cross-Site Scripting that can be triggered by a user with low privileges (as...

5.4CVSS5.3AI score0.00534EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder