Security report for CVE Login with phone number > CVE-2022-0598
- CVE
- Application
- Date
- Jun 06, 2024, 21:06:57
- Research Description
- The Login with phone number WordPress plugin before 1.3.8 does not sanitise and escape plugin settings which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
- Status
-
vulnerableMedium
- Actual on
- Oct 06, 2024, 09:10:55