Vulnerability CVE-2022-4674
Published: 2023-02-06

Description:
The Ibtana WordPress plugin before 1.1.8.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://wpscan.com/vulnerability/eda64678-81ae-4be3-941e-a1e26e54029b
Copyright 2024, cxsecurity.com

 

Back to Top