3 matches found
CVE-2022-1090 Good & Bad Comments <= 1.0.0 - Admin+ Stored Cross-Site Scripting
The Good & Bad Comments WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
WordPress plugin Good & Bad Comments跨站脚本漏洞
WordPress is a blogging platform developed using the PHP language. WordPress plugin Good...
WordPress Good & Bad Comments plugin <= 1.0.0 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Vaibhav Nitin Gaikwad in WordPress Good & Bad Comments plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of March 25, 2022 and is not available for download. This closure is temporary, pending a full...