MidnightBSD

Advisories for 3d_flipbook_project

CVE-2022-4453

The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks against high privilege users like administrators.

Products Affected

Vendor Product Version
3d_flipbook_project 3d_flipbook *