Lucene search
WpvulndbWPVDB-ID:B15B7B4D-4F8A-4C38-8169-03701F0FFCA5HistoryApr 15, 2022 - 12:00 a.m.
WP Maintenance < 6.0.6 - Admin+ Stored Cross-Site Scripting
2022-04-1500:00:00
wpscan.com
13
wordpress
maintenance
cross-site scripting
plugin
settings
sanitization
admin
unfiltered_html
EPSS
0.001
Percentile
22.7%
The plugin does not sanitise and escape multiple of its settings, which could allow high privileged users such as admin to perform Cross-Site Scripting attack when the unfiltered_html is disallowed
Related
patchstack
patchstack
cve
cve
CVE-2021-36828
2022-04-15 17:15:08
prion
prion
Cross site scripting
2022-04-15 17:15:00
nvd
nvd
CVE-2021-36828
2022-04-15 17:15:08
cvelist
cvelist