CVE-2022-3909 (add_comments) | allinfosecnews.com

Dec. 5, 2022, 5:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

The Add Comments WordPress plugin through 1.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 5 months, 3 weeks ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android bypass check cve +10

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Regional Leader, Cyber Crisis Communications

@ Google | United Kingdom

View on infosec-jobs.com

Regional Intelligence Manager, Compliance, Safety and Risk Management

@ Google | London, UK

View on infosec-jobs.com

Senior Analyst, Endpoint Security

@ Scotiabank | Toronto, ON, CA, M1K5L1

View on infosec-jobs.com

Software Engineer, Security/Privacy, Google Cloud

@ Google | Bengaluru, Karnataka, India

View on infosec-jobs.com

Senior Security Engineer

@ Coinbase | Remote - USA

View on infosec-jobs.com