CVE-2022-1326 – The Form – Contact Form WordPress plugin through 1.2.0 does not sanitize and escape Custom …

27 June 2022

Vuln ID: CVE-2022-1326

Published: 2022-06-27 09:15:08Z

Description: The Form – Contact Form WordPress plugin through 1.2.0 does not sanitize and escape Custom text fields, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Source: NVD.NIST.GOV

Date:

27 June 2022

Categorie(s):

NVD

Tag(s):

NVD

The MSSP perspective: CISO insights into stronger security19 April 2024
66% of IT leaders doubt the government can defend against cyberwarfare19 April 2024
FBI chief says Chinese hackers have infiltrated critical US infrastructure19 April 2024
Chasing business and partnerships, Apple goes APAC19 April 2024
French hospital impacted by cyberattack19 April 2024