The Image optimization & Lazy Load by Optimole WordPress plugin before 3.3.2 does not sanitise and escape its "Lazyload background images for selectors" settings, which could allow high privilege users such as admin to perform Cross-Site scripting attacks even when the unfiltered_html capability is disallowed.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2022-04-11T14:41:01
Updated: 2024-08-02T23:47:42.871Z
Reserved: 2022-03-14T00:00:00
Link: CVE-2022-0969
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-04-11T15:15:08.833
Modified: 2024-11-21T06:39:46.033
Link: CVE-2022-0969
Redhat
No data.