Vulnerability CVE-2022-1387


Published: 2022-05-30

Description:
The No Future Posts WordPress plugin through 1.4 does not escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://wpscan.com/vulnerability/48252ffb-f21c-4e2a-8f78-bdc7164e7347

Copyright 2026, cxsecurity.com

 

Back to Top