CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Birthdays Widget Project: >> Birthdays Widget Security Vulnerabilities

CVE-2022-1643

The Birthdays Widget WordPress plugin through 1.7.18 does not sanitise and escape some of its fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed

CVSS Score

4.8

EPSS Score

0.001

Published

2022-05-30

Page 1

Vulnerabilities

Vulnerable Software

Birthdays Widget Project: >> Birthdays Widget Security Vulnerabilities

Products

Pricing

Contact Us