3 matches found
CVE-2022-0201
The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-0201 Permalink Manager < 2.2.15 - Reflected Cross-Site Scripting
The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-0201
The CVE pertains to WordPress Permalink Manager Lite and Pro plugins prior to version 2.2.15, with a Reflected Cross-Site Scripting (XSS) vulnerability caused by not sanitising/escaping query parameters before echoing them on the debug page. Affected components: Permalink Manager Lite/Pro plugins...