Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4
CVE-2023-2450
- EPSS 0.15%
- Veröffentlicht 09.06.2023 06:16:07
- Zuletzt bearbeitet 21.11.2024 07:58:38
The FiboSearch - AJAX Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.23.0 due to insufficient input sanitization and output escaping. This makes it poss...
4.8
CVE-2022-1469
- EPSS 0.23%
- Veröffentlicht 08.06.2022 10:15:09
- Zuletzt bearbeitet 21.11.2024 06:40:47
The FiboSearch WordPress plugin before 1.17.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed
1