CVE-2022-1027 — MEDIUM (4.8)

Q: How severe is CVE-2022-1027?

CVE-2022-1027 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-1027?

Check the references section above for vendor advisories and patch information. Affected products include: Minioragne Page Restriction.

Vulnerability Description

The Page Restriction WordPress (WP) WordPress plugin before 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross-Site Scripting that will only affect administrator users.

CVSS Score

4.8

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Minioragne	Page Restriction	< 1.2.7

Related Weaknesses (CWE)

CWE-79

References

https://wpscan.com/vulnerability/9dbb0d6d-bc84-4b85-8aa5-fa2a8e6fa5e3ExploitThird Party Advisory
https://wpscan.com/vulnerability/9dbb0d6d-bc84-4b85-8aa5-fa2a8e6fa5e3ExploitThird Party Advisory

FAQ

What is CVE-2022-1027?

CVE-2022-1027 is a vulnerability with a CVSS score of 4.8 (MEDIUM). The Page Restriction WordPress (WP) WordPress plugin before 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross...

How severe is CVE-2022-1027?

CVE-2022-1027 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-1027?

Check the references section above for vendor advisories and patch information. Affected products include: Minioragne Page Restriction.