2 matches found
WordPress Google Tag Manager Plugin Cross-Site Scripting (CVE-2022-1707)
A cross-site scripting vulnerability exists in the WordPress Google Tag Manager Plugin. This vulnerability is due to insufficient validation of site search requests. Successful exploitation of this vulnerability could result in code execution...
CVE-2022-1707
The CVE-2022-1707 issue affects the WordPress Google Tag Manager plugin (WordPress) up to version 1.15, where reflected Cross-Site Scripting can be triggered via the s parameter due to insufficient sanitization in site search data population to the data layer. The vulnerability targets the public...