3 matches found
CVE-2022-4712
The WP Cerber Security plugin for WordPress is vulnerable to stored cross-site scripting via the log parameter when logging in to the site in versions up to, and including, 9.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute wheneve...
CVE-2022-4712 WP Cerber Security <= 9.1 - Unauthenticated Stored Cross-Site Scripting
The WP Cerber Security plugin for WordPress is vulnerable to stored cross-site scripting via the log parameter when logging in to the site in versions up to, and including, 9.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute wheneve...
CVE-2022-4712
The CVE-2022-4712 entry applies to the WordPress WP Cerber Security plugin (versions up to 9.1). The vulnerability is a stored cross-site scripting (XSS) in the log parameter during login, exploitable by unauthenticated attackers. Impact: injected scripts execute in pages accessed by users, with ...