VYPR
Unrated severityNVD Advisory· Published May 30, 2022· Updated Aug 2, 2024

BannerMan <= 0.2.4 - Multiple Admin+ Stored Cross-Site Scripting

CVE-2022-1275

Description

The BannerMan WordPress plugin through 0.2.4 does not sanitize or escape its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks when the unfiltered_html is disallowed (such as in multisite)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Booster/Bannermanllm-fuzzy2 versions
    <=0.2.4+ 1 more
    • (no CPE)range: <=0.2.4
    • (no CPE)range: 0.2.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.