Security Advisory

CVE-2022-22734

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-14 14:41:53

Last updated 2024-08-03 03:21:48

Assigner WPScan

State PUBLISHED

Description

The Simple Quotation WordPress plugin through 1.3.2 does not have CSRF check when creating or editing a quote and does not sanitise and escape Quotes. As a result, attacker could make a logged in admin create or edit arbitrary quote, and put Cross-Site Scripting payloads in them

← Browse all CVEs View on cve.org ↗