The Simple Payment Donations & Subscriptions WordPress plugin before 4.2.1 does not sanitise and escape user input given in its forms, which could allow unauthenticated attackers to perform Cross-Site Scripting attacks against admins
CVSS
No CVSS.
References
Advertisement
Configurations
No configuration.
Information
Published : 2022-09-05 06:15
Updated : 2022-09-05 21:07
NVD link : CVE-2022-2565
Mitre link : CVE-2022-2565
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Advertisement
Products Affected
No product.