CVE-2022-2115

Description

The Popup Anything WordPress plugin before 2.1.7 does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting

Related CPE's

aessentialpluginpopup_anything*****wordpress**

References

https://wpscan.com/vulnerability/1f0ae535-c560-4510-ae9a-059e2435ad39

ExploitThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io