Vulnerabilities (CVE)

Filtered by vendor Taskbuilder Subscribe
Filtered by product Taskbuilder
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3137 1 Taskbuilder 1 Taskbuilder 2024-02-28 N/A 5.4 MEDIUM
The Taskbuilder WordPress plugin before 1.0.8 does not validate and sanitise task's attachments, which could allow any authenticated user (such as subscriber) creating a task to perform Stored Cross-Site Scripting by attaching a malicious SVG file