CVE-2022-1994

Posted on by admin

CVE-2022-1994

The Login With OTP Over SMS, Email, WhatsApp and Google Authenticator WordPress plugin before 1.0.8 does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

Source: CVE-2022-1994

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다