Lucene search
Krzysztof ZającWPVDB-ID:7142A538-7C3D-4DD0-BD2C-CBD2EFAF53C5HistoryJan 26, 2022 - 12:00 a.m.
WP Accessibility Helper (WAH) < 0.6.0.7 - Reflected Cross-Site Scripting (XSS)
2022-01-2600:00:00
Krzysztof Zając
wpscan.com
13
0.001 Low
EPSS
Percentile
41.5%
The plugin does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue
PoC
| CPE | Name | Operator | Version |
|---|---|---|---|
| wp-accessibility-helper | lt | 0.6.0.7 |
Related
cnvd
cnvd
WordPress WP Accessibility Helper plugin cross-site scripting vulnerability
2022-03-02 00:00:00
nuclei
nuclei
WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting
2022-02-19 11:13:05
wpexploit
wpexploit
patchstack
patchstack
prion
prion
Cross site scripting
2022-02-28 09:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-0150
2022-02-28 09:15:08
cve
cve
CVE-2022-0150
2022-02-28 09:15:08