Unrated severityNVD Advisory· Published Mar 7, 2022· Updated Aug 2, 2024
YOP Poll < 6.3.5 - Author+ Stored Cross-Site Scripting
CVE-2022-0205
Description
The YOP Poll WordPress plugin before 6.3.5 does not sanitise and escape some of the settings (available to users with a role as low as author) before outputting them, leading to a Stored Cross-Site Scripting issue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <6.3.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/446de364-720e-41ec-b80e-7678c8f4ad80mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.