VYPR

Mongoose Page Plugin

by WordPress

CVEs (1)

  • CVE-2022-4675MedJan 23, 2023
    risk 0.35cvss 5.4epss 0.00

    The Mongoose Page Plugin WordPress plugin before 1.9.0 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.