Vulnerabilities > Wpdarko > Team Members > 5.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-02 | CVE-2022-3936 | Unspecified vulnerability in Wpdarko Team Members The Team Members WordPress plugin before 5.2.1 does not sanitize and escapes some of its settings, which could allow high-privilege users such as editors to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in a multisite setup). | 4.8 |