2 matches found
CVE-2022-34650
CVE-2022-34650 describes multiple authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in the WordPress plugin wpWax Team (versions
CVE-2022-34853
CVE-2022-34853 affects the WordPress plugin wpWax Team (≤ 1.2.6). The vulnerability is a persistent XSS that requires authentication from a contributor or higher user role; it arises from inadequate sanitisation/escaping of user-supplied data in the plugin. Impact is client-side script execution;...