Lucene search
Park won seokWPEX-ID:C6D3D308-4BF1-493F-86E9-DD623526E3C6HistoryMar 21, 2022 - 12:00 a.m.
Easy Smooth Scroll Links < 2.23.1 - Admin+ Stored Cross-Site Scripting
2022-03-2100:00:00
Park won seok
64
security
xss
payload
plugin
EPSS
0.001
Percentile
24.8%
The plugin does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Put the following payload in any text field settings of the plugin (for example Scroll Speed) and save: "><script>alert(/XSS/)</script>Related
patchstack
patchstack
wpvulndb
wpvulndb
Easy Smooth Scroll Links < 2.23.1 - Admin+ Stored Cross-Site Scripting
2022-03-21 00:00:00
cve
cve
CVE-2022-0728
2022-04-11 15:15:08
nvd
nvd
CVE-2022-0728
2022-04-11 15:15:08
cvelist
cvelist
prion
prion
Cross site scripting
2022-04-11 15:15:00
cnvd
cnvd
WordPress Easy Smooth Scroll Links plugin cross-site scripting vulnerability
2022-03-24 00:00:00