WordPress Ezoic plugin <= 2.8.8 - Unauthenticated Plugin Settings Change Leading To Stored XSS Vulnerability
CVE-2022-41132
6.1MEDIUM
Summary
Unauthenticated Plugin Settings Change Leading To Stored XSS Vulnerability in Ezoic plugin <= 2.8.8 on WordPress.
Affected Version(s)
Ezoic (WordPress plugin) <= 2.8.8 <= 2.8.8
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Vulnerability discovered by José Aguilera (Patchstack Alliance)