CVE-2022-0206

The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues
References
Configurations

Configuration 1

cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-02-14 12:15

Updated : 2022-02-22 07:38


NVD link : CVE-2022-0206

Mitre link : CVE-2022-0206

Products Affected
No products.
CWE