Search criteria
2 vulnerabilities found for Easy Smooth Scroll Links by Unknown
CVE-2022-0728 (GCVE-0-2022-0728)
Vulnerability from cvelistv5 – Published: 2022-04-11 14:40 – Updated: 2024-08-02 23:40
VLAI?
Title
Easy Smooth Scroll Links < 2.23.1 - Admin+ Stored Cross-Site Scripting
Summary
The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Easy Smooth Scroll Links |
Affected:
2.23.1 , < 2.23.1
(custom)
|
Credits
Park won seok
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:40:03.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Easy Smooth Scroll Links",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.23.1",
"status": "affected",
"version": "2.23.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Park won seok"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T14:40:49",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Easy Smooth Scroll Links \u003c 2.23.1 - Admin+ Stored Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-0728",
"STATE": "PUBLIC",
"TITLE": "Easy Smooth Scroll Links \u003c 2.23.1 - Admin+ Stored Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Easy Smooth Scroll Links",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.23.1",
"version_value": "2.23.1"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Park won seok"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0728",
"datePublished": "2022-04-11T14:40:49",
"dateReserved": "2022-02-22T00:00:00",
"dateUpdated": "2024-08-02T23:40:03.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0728 (GCVE-0-2022-0728)
Vulnerability from nvd – Published: 2022-04-11 14:40 – Updated: 2024-08-02 23:40
VLAI?
Title
Easy Smooth Scroll Links < 2.23.1 - Admin+ Stored Cross-Site Scripting
Summary
The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Easy Smooth Scroll Links |
Affected:
2.23.1 , < 2.23.1
(custom)
|
Credits
Park won seok
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:40:03.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Easy Smooth Scroll Links",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.23.1",
"status": "affected",
"version": "2.23.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Park won seok"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T14:40:49",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Easy Smooth Scroll Links \u003c 2.23.1 - Admin+ Stored Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-0728",
"STATE": "PUBLIC",
"TITLE": "Easy Smooth Scroll Links \u003c 2.23.1 - Admin+ Stored Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Easy Smooth Scroll Links",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.23.1",
"version_value": "2.23.1"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Park won seok"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0728",
"datePublished": "2022-04-11T14:40:49",
"dateReserved": "2022-02-22T00:00:00",
"dateUpdated": "2024-08-02T23:40:03.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}