Vulnerabilities > CVE-2022-0876 - Unspecified vulnerability in Wpdevart Social Comments

CVSS 4.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

wpdevart

NVD

Published: 2022-04-25

Updated: 2024-11-21

Summary

The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfiltered_html is disallowed

Vulnerable Configurations

Part	Description	Count
Application	Wpdevart Wpdevart Social Comments *	1

References

https://wpscan.com/vulnerability/73be6e92-ea37-4416-977d-52ee2afa022a
https://wpscan.com/vulnerability/73be6e92-ea37-4416-977d-52ee2afa022a