CVE-2022-2709 – The Float to Top Button WordPress plugin through 2.3.6 does not escape some of its setting …

19 September 2022

Vuln ID: CVE-2022-2709

Published: 2022-09-19 14:15:10Z

Description: The Float to Top Button WordPress plugin through 2.3.6 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Source: NVD.NIST.GOV

Date:

19 September 2022

Categorie(s):

NVD

Tag(s):

NVD

Leicester streetlights take ransomware attack personally, shine on 24/723 April 2024
Veeam acquires Coveware to bolster its ransomware incident response capabilities23 April 2024
German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies23 April 2024
Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery23 April 2024
Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases23 April 2024