Description

The WP Attachments WordPress plugin before 5.0.5 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).

Related CPE's

a

marcomilesi

wp_attachments

*

*

*

*

*

wordpress

Vulnerable

References

https://wpscan.com/vulnerability/017ca231-e019-4694-afa2-ab7f8481ae63

ExploitThird Party Advisory

https://wpscan.com/vulnerability/017ca231-e019-4694-afa2-ab7f8481ae63

ExploitThird Party Advisory

Weaknesses

[email protected]

Secondary
CWE-79

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

4.8 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-11-14T14:15:48.950Z

3 years ago

Last modified

2025-05-05T14:15:19.680Z

11 months ago