Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:004A4516-7704-40DF-B939-7A8CEEB7E7DE
HistoryDec 14, 2022 - 12:00 a.m.

Permalink Manager Lite < 2.3.0 - Authenticated Stored XSS

2022-12-1400:00:00
wpscan.com
12
plugin
escape
page/post
media
titles
attackers
stored xss
low privilege users
blog

EPSS

0.001

Percentile

19.6%

JSON

The plugin does not escape page/post and media titles, which could allow attackers to perform Stored XSS attacks when another plugin/theme allowing low privilege users to modify such titles is active on the blog as well

Related

prion 1
nvd 1
cve 1
cvelist 1
prion
prion
Cross site scripting
2022-12-14 22:15:00
nvd
nvd
CVE-2022-4410
2022-12-14 22:15:11
cve
cve
CVE-2022-4410
2022-12-14 22:15:11
cvelist
cvelist
CVE-2022-4410
2022-12-14 21:20:13

EPSS

0.001

Percentile

19.6%

JSON
Related for WPVDB-ID:004A4516-7704-40DF-B939-7A8CEEB7E7DE
prion1nvd1cve1cvelist1