Unrated severityNVD Advisory· Published May 30, 2022· Updated Aug 3, 2024
No Future Posts <= 1.4 - Admin+ Stored Cross-Site Scripting
CVE-2022-1387
Description
The No Future Posts WordPress plugin through 1.4 does not escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/No Future Posts plugindescription
- Range: <=1.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/48252ffb-f21c-4e2a-8f78-bdc7164e7347mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.