3 matches found
CVE-2022-4761 Post Views Count <= 3.0.2 - Contributor+ Stored XSS in Shortcode
The Post Views Count WordPress plugin through 3.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2022-4761
CVE-2022-4761 affects the WordPress plugin Post Views Count, version 3.0.2 and earlier. The vulnerability arises from not validating/escaping shortcode attributes before output, enabling Stored XSS when a crafted shortcode is embedded in a post and viewed by users with contributor roles or higher...
WordPress Post Views Count (Support caching plugins!) Plugin <= 3.0.2 is vulnerable to Cross Site Scripting (XSS)
Software Post Views Count Support caching plugins! Type Plugin Vulnerable versions = 3.0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4761 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 88e7e24c675b...