2 matches found
CVE-2022-0449
The CVE-2022-0449 entry refers to the WordPress Flexi – Guest Submit plugin (versions before 4.20). The root cause is failure to sanitize and escape various parameters before outputting them back to pages (e.g., the user dashboard), enabling Reflected Cross-Site Scripting. Impact is reflected XSS...
CVE-2022-0449 Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...