CVE-2022-45082

Description

Multiple Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilities in Accordions plugin <= 2.0.3 on WordPress via &addons-style-name and &accordions_or_faqs_license_key.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

None

Integrity

Low

Availability

None

Affected products

Biplob Adhikari / Accordions – Multiple Accordions or FAQs Builder (WordPress plugin)<= 2.0.3 – 2.0.3

References

MISChttps://wordpress.org/plugins/accordions-or-faqs/#developers
MISChttps://patchstack.com/database/vulnerability/accordions-or-faqs/wordpress-accordions-plugin-2-0-3-multiple-auth-stored-cross-site-scripting-xss-vulnerabilities?_s_id=cve