Vulnerabilities > CVE-2022-1062 - Unspecified vulnerability in Th23 Social

CVSS 4.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

th23

NVD

Published: 2022-05-16

Updated: 2024-11-21

Summary

The th23 Social WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

Vulnerable Configurations

Part	Description	Count
Application	Th23 Th23 Th23 Social *	1

References

https://wpscan.com/vulnerability/e770ba87-95d2-40c9-89cc-5d7390e9cbb0
https://wpscan.com/vulnerability/e770ba87-95d2-40c9-89cc-5d7390e9cbb0