Vulnerabilities

CVE-2022-4307

by Fred · 23/01/2023

The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin.

Date published : 2023-01-23

https://wpscan.com/vulnerability/4000ba69-d73f-4c5b-a299-82898304cebb

Similar

Tags: Cybersecurity Alert