← Back

CVE-2022-2173

nvd nist
Published: Jul 17, 2022Modified: Jun 17, 2026

JSON object

Loading...
6.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD

Description

The Advanced Database Cleaner WordPress plugin before 3.1.1 does not escape numerous generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting

Affected (1)

1 product
Advanced Database Cleaner
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Before 3.1.1

References (2)

Source: contact@wpscan.com
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.