Vulnerabilities

CVE-2022-1094

by Fred · 25/04/2022

The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

Date published : 2022-04-25

https://wpscan.com/vulnerability/3c03816b-e381-481c-b9f5-63d0c24ff329

Similar

Tags: Cybersecurity Alert