3D FlipBook – PDF Flipbook WordPress, CVE-2022-4453
- CVE, Research URL
- Application
- Published on
- Jan 16, 2023
- Research Description
- The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks against high privilege users like administrators.
- Affected versions
-
max 1.13.3.
- Status
-
vulnerable