CVE-2022-2278 – The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does not validate, saniti …

1 August 2022

Vuln ID: CVE-2022-2278

Published: 2022-08-01 13:15:11Z

Description: The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does not validate, sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)

Source: NVD.NIST.GOV

Date:

1 August 2022

Categorie(s):

NVD

Tag(s):

NVD

Foreign states targeting sensitive research at UK universities, MI5 warns25 April 2024
Cops cuff man for allegedly framing colleague with AI-generated hate speech clip25 April 2024
Ring dinged for $5.6M after, among other claims, rogue insider spied on ‘pretty girls’25 April 2024
After a 19-month saga, Broadcom finally patches Brocade SANnav bugs25 April 2024
Navigating the cyber seas: Clarity, compliance, and unified endpoint management 25 April 2024