CVE-2022-1506

CVE-2022-1506: WP Born Babies <= 1.0 - Contributor+ Stored Cross-Site Scripting

Vendor Unknown
Product WP BORN BABIES PLUGIN
Weakness CWE-79 · XSS
Published June 6, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The WP Born Babies WordPress plugin through 1.0 does not sanitise and escape some of its fields, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks

Key dates

02Disclosure timeline

June 6, 2022 CVE published
August 3, 2024 Record updated