Kunze LAW

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-14	CVE-2022-0674	Cross-site Scripting vulnerability in Kunze-Medien Kunze LAW The Kunze Law WordPress plugin before 2.1 does not escape its 'E-Mail Error "From" Address' settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed network kunze-medien CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.