WP-CORS <= 0.2.1 - Admin Stored XSS. Unsanitised settings allow Stored XSS attacks by admin even with unfiltered_html capability disallowed in multisite setup
Reporter | Title | Published | Views | Family All 6 |
---|---|---|---|---|
NVD | CVE-2022-47606 | 10 May 202311:15 | – | nvd |
CVE | CVE-2022-47606 | 10 May 202311:15 | – | cve |
Patchstack | WordPress WP-CORS Plugin <= 0.2.1 is vulnerable to Cross Site Scripting (XSS) | 28 Apr 202300:00 | – | patchstack |
Cvelist | CVE-2022-47606 WordPress WP-CORS Plugin <= 0.2.1 is vulnerable to Cross Site Scripting (XSS) | 10 May 202310:31 | – | cvelist |
Prion | Cross site scripting | 10 May 202311:15 | – | prion |
Wordfence Blog | Wordfence Intelligence Weekly WordPress Vulnerability Report (Apr 24, 2023 to Apr 30, 2023) | 4 May 202312:54 | – | wordfence |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo