WordPress Simple Tracking plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in versions of WordPress Simple Tracking plugin prior to 1.7, which stems from the plugin's...

CVE-2022-0700

The Simple Tracking WordPress plugin before 1.7 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-0700

The Simple Tracking WordPress plugin before 1.7 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-0700

CVE-2022-0700 affects the WordPress Simple Tracking plugin prior to version 1.7. The vulnerability is a stored Cross-Site Scripting (XSS) caused by the plugin not sanitising and escaping settings, which could let high-privilege users (e.g., admins) execute scripts even when unfiltered_html is dis...

WordPress plugin 跨站脚本漏洞

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in versions of WordPress Simple Tracking plugin prior to 1.7, which stems from the plugin's...