Lucene search
PRIOn knowledge basePRION:CVE-2022-1628HistorySep 06, 2022 - 6:15 p.m.
Cross site scripting
2022-09-0618:15:00
PRIOn knowledge base
www.prio-n.com
3
wordpress
cross-site scripting
vulnerability
simple seo plugin
attribute-based
nvd
0.001 Low
EPSS
Percentile
19.4%
The Simple SEO plugin for WordPress is vulnerable to attribute-based stored Cross-Site Scripting in versions up to, and including 1.7.91, due to insufficient sanitization or escaping on the SEO social and standard title parameters. This can be exploited by authenticated users with Contributor and above permissions to inject arbitrary web scripts into posts/pages that execute whenever an administrator access the page.
| CPE | Name | Operator | Version |
|---|---|---|---|
| simple_seo | le | 1.7.91 |
Related
nvd
nvd
CVE-2022-1628
2022-09-06 18:15:10
cve
cve
CVE-2022-1628
2022-09-06 18:15:10
cvelist
cvelist
patchstack
patchstack
wpvulndb
wpvulndb
Simple SEO < 1.7.92 - Contributor+ Stored Cross-Site Scripting
2022-07-29 00:00:00