CVE-2022-3408

Published: 2022-10-31T16:15Z

Last Modified: 2024-11-21T07:19Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The WP Word Count WordPress plugin through 3.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt