CVE-2022-1027

Summary

The Page Restriction WordPress (WP) WordPress plugin before 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross-Site Scripting that will only affect administrator users.

Affected Software

VendorProductVersion RangeStatus
UnknownPage Restriction WordPress (WP) – Protect WP Pages/Post1.2.7 < 1.2.7affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References