mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 17:50:34 +00:00
907 B
907 B
CVE-2022-1322
&color=brighgreen)
Description
The Coming Soon - Under Construction WordPress plugin through 1.1.9 does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
POC
Reference
- https://wpscan.com/vulnerability/e1724471-26bd-4cb3-a279-51783102ed0c
- https://wpscan.com/vulnerability/e1724471-26bd-4cb3-a279-51783102ed0c