PT-2022-27258 · Ayoub Media · Am-Hili
Hoang Van
+1
·
Published
2022-11-02
·
Updated
2022-11-04
·
CVE-2022-44586
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Ayoub Media AM-HiLi plugin version 1.0 and earlier
Description
The issue is related to an authenticated Stored Cross-Site Scripting (XSS) in the Ayoub Media AM-HiLi plugin on WordPress. This means that an attacker with admin or higher privileges can inject malicious scripts into the website, potentially leading to unauthorized access or control.
Recommendations
For Ayoub Media AM-HiLi plugin version 1.0 and earlier, update to a version later than 1.0 to resolve the issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Am-Hili