CVE-2022-1320 – Sliderby10Web < 1.2.52 - Admin+ Stored Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2022-1320

The Sliderby10Web WordPress plugin before 1.2.52 does not properly sanitize and escape some of its settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed El plugin Sliderby10Web de WordPress versiones anteriores a 1.2.52 no sanea ni escapa correctamente de algunos de sus parámetros, lo que podría permitir a los usuarios con altos privilegios, como los administradores, llevar a cabo ataques de Cross-Site Scripting incluso cuando unfiltered_html no está permitido • https://wpscan.com/vulnerability/43581d6b-333a-48d9-a1ae-b9479da8ff87 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •