CVE-2022-1029 – The Limit Login Attempts WordPress plugin before 4.0.72 does not sanitise and escape some …

27 June 2022

Vuln ID: CVE-2022-1029

Published: 2022-06-27 09:15:08Z

Description: The Limit Login Attempts WordPress plugin before 4.0.72 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for example in multisite setup)

Source: NVD.NIST.GOV

Date:

27 June 2022

Categorie(s):

NVD

Tag(s):

NVD

Fortinet named a Challenger in the 2024 Gartner® Magic Quadrant™ for Security Service Edge20 April 2024
AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now20 April 2024
Phishing Scams in the Gaming Community20 April 2024
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks20 April 2024
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack20 April 2024