CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Opensea Project: >> Opeansea Security Vulnerabilities

CVE-2022-1228

The Opensea WordPress plugin before 1.0.3 does not sanitize and escape some of its settings, like its "Referer address" field, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

CVSS Score

4.8

EPSS Score

0.002

Published

2022-04-25

Page 1

Vulnerabilities

Vulnerable Software

Opensea Project: >> Opeansea Security Vulnerabilities

Products

Pricing

Contact Us