CVE-2022-1568

Team Members < 5.1.1 - Admin+ Stored Cross-Site Scripting

EPSS 0.6%CWE-79

The Team Members WordPress plugin before 5.1.1 does not escape some of its Team settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Productos afectados

Unknown · Team Members

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://wpscan.com/vulnerability/88328d17-ffc9-4b94-8b01-ad2fd3047fbc