CVE-2022-42460 An access control vulnerability in the Traffic Manager plugin = 1.4.5 on WordPress allows for XSS.

This vulnerability can be exploited by injecting malicious code on the website through a malicious or compromised email account or by injecting malicious or compromised codes through other means, such as a web form.

A Stored XSS vulnerability leading to Cross-site scripting in Traffic Manager plugin can be exploited by malicious or compromised users to inject and execute malicious code on the website to steal data or to manipulate data.

Broken Access Control vulnerability leading to privilege escalation leading to XSS in Traffic Manager plugin can be exploited by malicious or compromised users to gain access to restricted areas of the website to steal data or to manipulate data.

Broken Access Control vulnerabilities leading to privilege escalation leading to XSS in Traffic Manager plugin can be exploited by malicious or compromised users to gain access to restricted areas of the website to steal data or to manipulate data.
Redirection vulnerability lead to XSS in Traffic Manager plugin can be exploited by malicious or compromised users to steal data or to manipulate data. Broken Access Control vulnerability leading to privilege escalation leading to XSS in Traffic Manager plugin can be exploited by malicious or compromised users to gain access to restricted areas of the website to steal data or to manipulate data.
This vulnerability can be exploited by a malicious or compromised user to inject and execute malicious code on the website to steal data or to manipulate data.

Broken Access Control vulnerability leading to XSS in Traffic Manager plugin

This vulnerability can be exploited by malicious or compromised users to gain access to restricted areas of the website to steal data or to manipulate data.

Timeline

Published on: 11/10/2022 22:15:00 UTC
Last modified on: 11/15/2022 19:57:00 UTC

References