CVE-2022-1047

The Themify Post Type Builder Search Addon WordPress plugin before 1.4.0 does not properly escape the current page URL before reusing it in a HTML attribute, leading to a reflected cross site scripting vulnerability.
References
Configurations

Configuration 1

cpe:2.3:a:themify:post_type_builder_search_addon:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-05-09 05:15

Updated : 2022-05-17 04:10


NVD link : CVE-2022-1047

Mitre link : CVE-2022-1047

CWE