Vulnerabilities (CVE)

Filtered by vendor Wpdevart Subscribe
Filtered by product Social Comments
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0876 1 Wpdevart 1 Social Comments 2024-02-04 3.5 LOW 4.8 MEDIUM
The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfiltered_html is disallowed