Lucene search
Vinay Varma MudunuriWPEX-ID:0184D70A-548C-4258-B01D-7477F03CC346HistoryMay 09, 2022 - 12:00 a.m.
Call&Book Mobile Bar <= 1.2.2 - Admin+ Stored Cross Site Scripting
2022-05-0900:00:00
Vinay Varma Mudunuri
68
0.001 Low
EPSS
Percentile
25.0%
The plugin does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Put the following payload in any of the plugin's settings: "><img src onerror=alert(/XSS/)>Related
prion
prion
Cross site scripting
2022-05-30 09:15:00
nvd
nvd
CVE-2022-1644
2022-05-30 09:15:10
cve
cve
CVE-2022-1644
2022-05-30 09:15:10
patchstack
patchstack
wpvulndb
wpvulndb
Call&Book Mobile Bar <= 1.2.2 - Admin+ Stored Cross Site Scripting
2022-05-09 00:00:00
cvelist
cvelist