The Easy Video Player WordPress plugin before 1.2.2.3 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/ac7158c5-3d11-4865-b26f-41ab5a8120af | Exploit Third Party Advisory |
Configurations
History
07 Nov 2023, 03:51
Type | Values Removed | Values Added |
---|---|---|
CWE |
Information
Published : 2022-12-19 14:15
Updated : 2024-02-28 19:51
NVD link : CVE-2022-3937
Mitre link : CVE-2022-3937
CVE.ORG link : CVE-2022-3937
JSON object : View
Products Affected
noorsplugin
- easy_video_player
CWE
No CWE.