2 matches found
CVE-2022-28290
Reflective Cross-Site Scripting vulnerability in WordPress Country Selector Plugin Version 1.6.5. The XSS payload executes whenever the user tries to access the country selector page with the specified payload as a part of the HTTP request...
CVE-2022-28290
CVE-2022-28290 affects the WordPress Country Selector plugin until version 1.6.5. The vulnerability is a reflected Cross-Site Scripting (XSS) issue where the plugin does not sanitize/escape the country and lang parameters before output, enabling arbitrary script execution in the user’s browser (c...