3 matches found
CVE-2022-4487
CVE-2022-4487 affects the Easy Accordion WordPress plugin prior to version 2.2.0. The vulnerability arises because the plugin does not validate and escape several shortcode attributes before echoing them in the page, enabling Stored XSS by users with as low as a contributor, potentially targeting...
CVE-2024-1363
CVE-2024-1363 corresponds to the WordPress plugin Easy Accordion – Best Accordion FAQ Plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) due to insufficient input sanitization and output escaping in the accordion_content_source attribute. Affected versions are all up t...
CVE-2021-24576
CVE-2021-24576 affects the WordPress Easy Accordion plugin prior to version 2.0.22. The vulnerability is an authenticated stored XSS due to insufficient sanitization when adding new items to an accordion. Impact is stored XSS on wp-admin and frontend pages that render the accordion, as described ...