VYPR
Unrated severityNVD Advisory· Published Feb 28, 2022· Updated Aug 2, 2024

WP RSS Aggregator < 4.20 - Reflected Cross-Site Scripting (XSS)

CVE-2022-0189

Description

The WP RSS Aggregator WordPress plugin before 4.20 does not sanitise and escape the id parameter in the wprss_fetch_items_row_action AJAX action before outputting it back in the response, leading to a Reflected Cross-Site Scripting

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.