3 matches found
CVE-2022-28290
Reflective Cross-Site Scripting vulnerability in WordPress Country Selector Plugin Version 1.6.5. The XSS payload executes whenever the user tries to access the country selector page with the specified payload as a part of the HTTP request...
CVE-2022-28290
creationtimestamp| type| source ---|---|--- 2022-04-25 20:42:20+00:00| seen| https://t.me/cibsecurity/41412 2026-06-23 14:06:16+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a90e3ac0-2c96-43a8-9e45-4aa24424d3bc 2026-06-30 09:23:49+00:00| exploited|...
CVE-2022-28290
CVE-2022-28290 affects the WordPress Country Selector plugin until version 1.6.5. The vulnerability is a reflected Cross-Site Scripting (XSS) issue where the plugin does not sanitize/escape the country and lang parameters before output, enabling arbitrary script execution in the user’s browser (c...