CVE Published: 06/02/2023 |
CVE Updated: 03/08/2024 |
CVE Year: 2022 Source: WPScan |
Vendor: Unknown |
Product: Logo Slider Status : PUBLISHED
CVE-2022-4664 Description
The Logo Slider WordPress plugin before 3.6.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks