CVE-2022-4381
Summary
The Popup Maker WordPress plugin before 1.16.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
- LOW
- NETWORK
- LOW
- CHANGED
- REQUIRED
- LOW
- LOW
- NONE
References
Advisory Timeline
- Published