3 matches found
CVE-2022-0953
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERYSTRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters...
CVE-2022-0953
The CVE-2022-0953 entry describes a Reflected Cross-Site Scripting vulnerability in the WordPress plugin “Anti-Malware Security and Brute-Force Firewall” prior to version 4.20.96. The flaw stems from failure to sanitize/escape QUERY_STRING before returning it to an admin page, enabling XSS in bro...
CVE-2022-0953 Anti-Malware Security and Brute-Force Firewall < 4.20.96 - Reflected Cross-Site Scripting
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERYSTRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters...