CVE-2022-2040

The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element URL, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks
References
Configurations

Configuration 1

cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-06-27 09:15

Updated : 2022-07-06 05:16


NVD link : CVE-2022-2040

Mitre link : CVE-2022-2040

Products Affected
No products.
CWE