First published: Fri Nov 18 2022(Updated: )
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Accessibility plugin <= 1.0.3 on WordPress.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Accessibility Project Accessibility | <1.0.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-41643 is a stored Cross-Site Scripting (XSS) vulnerability in the Accessibility plugin version 1.0.3 or below on WordPress.
CVE-2022-41643 has a severity score of 4.8 (medium).
CVE-2022-41643 affects WordPress websites that have the Accessibility plugin installed in version 1.0.3 or below and are accessed by an authenticated administrator or higher.
To fix CVE-2022-41643, you should update the Accessibility plugin to version 1.0.4 or higher, which includes a patch for the vulnerability.
CWE-79 is a Common Weakness Enumeration category that relates to Cross-Site Scripting (XSS) vulnerabilities.