CVE-2022-1028 – The WordPress Security Firewall, Malware Scanner, Secure Login and Backup plugin before 4. …

27 June 2022

Vuln ID: CVE-2022-1028

Published: 2022-06-27 09:15:08Z

Description: The WordPress Security Firewall, Malware Scanner, Secure Login and Backup plugin before 4.2.1 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for example in multisite setup)

Source: NVD.NIST.GOV

Date:

27 June 2022

Categorie(s):

NVD

Tag(s):

NVD

Tracing the Steps of Cyber Intruders: The Path of Lateral Movement23 April 2024
GitHub Comments Abused to Spread Malware in Fake Microsoft Repositories23 April 2024
PoC Exploit Released For Critical Oracle VirtualBox Vulnerability23 April 2024
New Torq HyperSOC leverages AI for threat investigation and remediation23 April 2024
Mandiant: Orgs are detecting cybercriminals faster than ever23 April 2024