Lucene search
Felipe Tapia SasotWPEX-ID:3CC1BB3C-E124-43D3-BC84-A493561A1387HistoryFeb 16, 2022 - 12:00 a.m.
Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
2022-02-1600:00:00
Felipe Tapia Sasot
140
0.001 Low
EPSS
Percentile
40.2%
The plugin does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting
Open the following URL when authenticated (as any user): https://example.com/user-dashboard/?search=keyword:<img%20src=1%20onerror=alert(/XSS/)>Related
patchstack
patchstack
nvd
nvd
CVE-2022-0449
2022-03-14 15:15:09
wpvulndb
wpvulndb
Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
2022-02-16 00:00:00
prion
prion
Cross site scripting
2022-03-14 15:15:00
cve
cve
CVE-2022-0449
2022-03-14 15:15:09
cvelist
cvelist
CVE-2022-0449 Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
2022-03-14 14:41:32