Lucene search
WpvulndbWPVDB-ID:3117E603-7196-44A0-BCA1-49ED5DDDAC76HistoryDec 06, 2022 - 12:00 a.m.
WP User <= 7.0 - Admin+ Stored XSS
2022-12-0600:00:00
wpscan.com
3
wp user
plugin
vulnerability
admin
stored xss
security
software
0.001 Low
EPSS
Percentile
21.1%
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Related
prion
prion
Cross site scripting
2022-12-15 21:15:00
cve
cve
CVE-2022-4519
2022-12-15 21:15:12
cvelist
cvelist
CVE-2022-4519
2022-12-15 19:19:18
nvd
nvd
CVE-2022-4519
2022-12-15 21:15:12