Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3618

Nov. 21, 2022, 11:15 a.m. |

National Vulnerability Database nist.gov

The Spacer WordPress plugin before 3.0.7 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).

cve

Senior Cloud Security Engineer

@ HelloFresh | Berlin, Germany

Senior Security Engineer

@ Reverb | Remote, US

Sr. Product Manager - Cloud Security/CNAPP

@ Zscaler | Atlanta, GA, United States

ISSO - Security Delivery

@ Novetta | Columbia, MD

Junior Cyber Security Recruitment Consultant (possibility for work abroad)

@ Gradfuel | London, England, United Kingdom

Internship, Cybersecurity

@ Qontigo | Eschborn, Hessen, Germany

Security Administrator

@ Zero Hash | Melbourne, VIC - Remote

Cybersecurity Project Manager, Reactive Lead - Unit 42 Consulting (Remote)

@ Palo Alto Networks | Santa Clara, CA, United States

Consultant, GRC, Proactive Services (Unit 42) - Remote

@ Palo Alto Networks | New York City, United States

Senior Manager, Security Operations (Secure Access Engineering)

@ GitHub | Remote - United States

Junior Penetration Tester - Amsterdam

@ BreachLock | Amsterdam, North Holland, Netherlands

Senior Product Security Engineer

@ 8x8, Inc. | Remote, Romania