CVE-2022-2152 – The Duplicate Page and Post Plugin WordPress plugin through 2.7 does not sanitise and esca …

15 August 2022

Vuln ID: CVE-2022-2152

Published: 2022-08-15 11:21:00Z

Description: The Duplicate Page and Post Plugin WordPress plugin through 2.7 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Source: NVD.NIST.GOV

Date:

15 August 2022

Categorie(s):

NVD

Tag(s):

NVD

Four trends to top the CISO’s packed agenda26 April 2024
Microsoft Publicly Releases MS-DOS 4.0 Source Code26 April 2024
New SSLoad Malware Combined With Tools Hijacking Entire Network Domain26 April 2024
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites26 April 2024
Top 5 MSP Cyberattacks in 2023/202426 April 2024