Vulnerabilities

CVE-2022-1643

by Fred · 30/05/2022

The Birthdays Widget WordPress plugin through 1.7.18 does not sanitise and escape some of its fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed

Date published : 2022-05-30

https://wpscan.com/vulnerability/73111c7e-c772-4bed-b282-854c1ae57444

Similar

Tags: Cybersecurity Alert