CVE-2022-22734
N/A
N/A
Summary
The Simple Quotation WordPress plugin through 1.3.2 does not have CSRF check when creating or editing a quote and does not sanitise and escape Quotes. As a result, attacker could make a logged in admin create or edit arbitrary quote, and put Cross-Site Scripting payloads in them
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Simple Quotation | 0 <= 1.3.2 | affected |
Weaknesses
- CWE-116 Improper Encoding or Escaping of Output
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.