Vulnerabilities > CVE-2022-4394 - Unspecified vulnerability in Ipages Flipbook Project Ipages Flipbook

047910
CVSS 5.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
ipages-flipbook-project
NVD
Published: 2023-01-09
Updated: 2024-11-21

Summary

The iPages Flipbook For WordPress plugin through 1.4.6 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Vulnerable Configurations

Part Description Count
Application
Ipages_Flipbook_Project
31

References