Lucene search
WPScanCVELIST:CVE-2022-0840HistoryApr 11, 2022 - 2:40 p.m.
CVE-2022-0840 Easy Social Icons < 3.2.1 - Admin+ Stored Cross-Site Scripting in add icon
2022-04-1114:40:52
CWE-79
WPScan
www.cve.org
1
easy social icons
wordpress
stored cross-site scripting
The Easy Social Icons WordPress plugin before 3.2.1 does not properly escape the image_file field when adding a new social icon, allowing high privileged users to inject arbitrary javascript even when the unfiltered_html capability is disallowed.
CNA Affected
[
{
"product": "Easy Social Icons",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.2.1",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
WordPress Easy Social Icons plugin cross-site scripting vulnerability
2022-03-24 00:00:00
prion
prion
Design/Logic Flaw
2022-04-11 15:15:00
wpexploit
wpexploit
Easy Social Icons < 3.2.1 - Admin+ Stored Cross-Site Scripting in add icon
2022-03-21 00:00:00
wpvulndb
wpvulndb
Easy Social Icons < 3.2.1 - Admin+ Stored Cross-Site Scripting in add icon
2022-03-21 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2022-0840
2022-04-11 15:15:08
cve
cve
CVE-2022-0840
2022-04-11 15:15:08