Cross site scripting

2022-05-2308:16:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

40.3%

JSON

The Domain Replace WordPress plugin through 1.3.8 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

CPENameOperatorVersion
domain_replacele1.3.8

CPE	Name	Operator	Version
	domain_replace	le	1.3.8

References

wpscan.com/vulnerability/fc1e8681-9229-4645-bc22-4897522d0c65

0.001 Low

EPSS

Percentile

40.3%

JSON

Related for PRION:CVE-2022-1218