Vulnerability CVE-2022-3074
Published: 2022-09-26

Description:
The Slider Hero WordPress plugin before 8.4.4 does not escape the slider Name, which could allow high-privileged users to perform Cross-Site Scripting attacks.

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://wpscan.com/vulnerability/90ebaedc-89df-413f-b22e-753d4dd5e1c3
Copyright 2026, cxsecurity.com

 

Back to Top