RSS   Vulnerabilities for 'Social comments'   RSS

2022-04-25
 
CVE-2022-0876

CWE-79
 

 
The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfiltered_html is disallowed

 

 >>> Vendor: Wpdevart 10 Products
Gallery
Booking calendar
Responsive image gallery gallery album
Poll\, survey\, questionnaire and voting system
Youtube embed\, playlist and popup
Countdown and countup\, woocommerce sales timer
Coming soon and maintenance mode
Duplicate page or post
Pricing table builder
Social comments


Copyright 2024, cxsecurity.com

 

Back to Top