CVE-2022-2426

Publication date

2022-08-08 13:51:14

Family

WPScan

State

PUBLISHED

Description

The Thinkific Uploader WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators.