3 matches found
CVE-2022-4198
The WP Social Sharing WordPress plugin through 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-4198
The CVE-2022-4198 issue affects the WordPress WP Social Sharing plugin up to version 2.2. The vulnerability stems from inadequate sanitisation/escaping of some settings, enabling Stored Cross-Site Scripting (Stored XSS) by high-privilege users (e.g., admins) even when unfiltered_html is disallowe...
CVE-2022-4198 WP Social Sharing <= 2.2 - Admin+ Stored XSS
The WP Social Sharing WordPress plugin through 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...