Lucene search
K

4 matches found

NVD
NVD
added 2022/06/13 1:15 p.m.17 views

CVE-2022-1814

The WP Admin Style WordPress plugin through 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

4.8CVSS0.00565EPSS
Exploits2References1
Prion
Prion
added 2022/06/13 1:15 p.m.18 views

Cross site scripting

The WP Admin Style WordPress plugin through 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

3.5CVSS4.8AI score0.00565EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/06/13 12:43 p.m.20 views

CVE-2022-1814 WP Admin Style <= 0.1.2 - Admin+ Stored Cross-Site Scripting

The WP Admin Style WordPress plugin through 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

5AI score0.00565EPSS
Exploits2References1
CVE
CVE
added 2022/06/13 12:43 p.m.67 views

CVE-2022-1814

The CVE-2022-1814 entry concerns the WordPress plugin WP Admin Style (versions up to 0.1.2). The root cause is failure to sanitize/escape certain plugin settings, which can allow stored XSS by high-privilege users (e.g., admins) when unfiltered_html is disallowed. Several sources (Red Hat, CNVD, ...

4.8CVSS4.7AI score0.00565EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder