Security Advisory

CVE-2022-0211

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-21 10:46:05

Last updated 2024-08-02 23:18:42

Assigner WPScan

State PUBLISHED

Description

The Shield Security WordPress plugin before 13.0.6 does not sanitise and escape admin notes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.

← Browse all CVEs View on cve.org ↗