Filtered by vendor Evaluate Project Subscriptions
Filtered by product Evaluate Subscriptions

Search

Switch to Advanced Search (Beta)
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-3753 1 Evaluate Project 1 Evaluate 2024-11-21 4.8 Medium
The Evaluate WordPress plugin through 1.0 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).