Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:50 p.m.10 views

CVE-2022-4196

The Multi Step Form WordPress plugin before 1.7.8 does not sanitise and escape some of its form fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.0047EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/06/08 10:15 a.m.5 views

CVE-2022-1569

The Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! WordPress plugin before 1.4.9.4 does not sanitise and escape some of its form fields, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks...

4.8CVSS5.8AI score0.00565EPSS
Exploits2References2
exploitpack
exploitpack
added 2002/06/10 12:0 a.m.15 views

MyHelpDesk 20020509 - HTML Injection

MyHelpDesk 20020509 - HTML Injection source: https://www.securityfocus.com/bid/4967/info It has been reported that MyHelpDesk is vulnerable to HTML injection attacks. MyHelpDesk does not properly sanitize HTML tags from form fields. Attackers may pass arbitrary HTML and script code through the...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2002/06/10 12:0 a.m.20 views

MyHelpDesk 20020509 - HTML Injection

source: https://www.securityfocus.com/bid/4967/info It has been reported that MyHelpDesk is vulnerable to HTML injection attacks. MyHelpDesk does not properly sanitize HTML tags from form fields. Attackers may pass arbitrary HTML and script code through the unsanitized form fields or through...

7AI score
Exploits0
Rows per page
Query Builder