VYPR

HashBar

by WordPress

CVEs (1)

  • CVE-2022-4650MedJan 23, 2023
    risk 0.35cvss 5.4epss 0.01

    The HashBar WordPress plugin before 1.3.6 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.