Published on: Not Yet Published
Last Modified on: 01/23/2023 05:17:00 PM UTC
The WP Google My Business Auto Publish WordPress plugin before 3.4 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
- CVE-2022-4790 has been assigned by [email protected] to track the vulnerability
- Affected Vendor/Software: Unknown - WP Google My Business Auto Publish version = 0
|WP Google My Business Auto Publish < 3.4 - Contributor+ Stored XSS via Shortcode WordPress Security Vulnerability|| web.archive.org |
Inactive LinkNot Archived