2 matches found
WordPress Maspik - Advanced Spam protection plugin < 2.1.3 - Admin+ Stored XSS vulnerability
WordPress Maspik - Advanced Spam protection plugin 2.1.3 - Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Maspik – Spam blacklist versions 2.1.3...
CVE-2024-9182
The Maspik WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...