Vulnerabilities > WP Useronline Project > WP Useronline > 2.87.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-06 | CVE-2022-2473 | Cross-site Scripting vulnerability in Wp-Useronline Project Wp-Useronline The WP-UserOnline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘templates[browsingpage][text]' parameter in versions up to, and including, 2.87.6 due to insufficient input sanitization and output escaping. | 4.8 |
| 2022-09-06 | CVE-2022-2941 | Cross-site Scripting vulnerability in Wp-Useronline Project Wp-Useronline The WP-UserOnline plugin for WordPress has multiple Stored Cross-Site Scripting vulnerabilities in versions up to, and including 2.88.0. | 4.8 |