4 matches found
CVE-2022-1773
The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-1773
creationtimestamp| type| source ---|---|--- 2022-11-24 14:04:16+00:00| seen| https://t.me/cibsecurity/44278...
CVE-2022-1773
The CVE-2022-1773 entry concerns the WP Athletics WordPress plugin (versions up to 1.1.7). The vulnerability arises because the plugin does not sanitize and escape a parameter before echoing it on an admin page, enabling a Reflected Cross-Site Scripting (XSS) attack. Several connected sources con...
CVE-2022-1773 WP Athletics <= 1.1.7 - Reflected Cross-Site Scripting
The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting...