CVE-2022-4310

Description

The Slimstat Analytics WordPress plugin before 4.9.3 does not sanitise and escape the URI when logging requests, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks against logged in admin viewing the logs

Related CPE's

awp-slimstatslimstat_analytics*****wordpress**

References

https://wpscan.com/vulnerability/b1aef75d-0c84-4702-83fc-11f0e98a0821

ExploitThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io