Unrated severityNVD Advisory· Published Apr 25, 2022· Updated Aug 2, 2024
Opensea < 1.0.3 - Admin+ Stored XSS
CVE-2022-1228
Description
The Opensea WordPress plugin before 1.0.3 does not sanitize and escape some of its settings, like its "Referer address" field, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Opensea plugindescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/ef6830c0-e933-4e62-8321-011d91f9cfeamitrex_refsource_MISC
News mentions
0No linked articles in our index yet.