Vulnerabilities > Custom Tinymce Shortcode Button Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-16 | CVE-2022-1217 | Cross-site Scripting vulnerability in Custom Tinymce Shortcode Button Project Custom Tinymce Shortcode Button The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHP_SELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. | 4.3 |