CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Custom Tinymce Shortcode Button Project: >> Custom Tinymce Shortcode Button >> 1.1 Security Vulnerabilities

CVE-2022-1217

The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHP_SELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting.

CVSS Score

6.1

EPSS Score

0.002

Published

2022-05-16

Page 1

Vulnerabilities

Vulnerable Software

Custom Tinymce Shortcode Button Project: >> Custom Tinymce Shortcode Button >> 1.1 Security Vulnerabilities

Products

Pricing

Contact Us