Unrated severityNVD Advisory· Published Feb 14, 2022· Updated Aug 2, 2024

Permalink Manager < 2.2.15 - Reflected Cross-Site Scripting

CVE-2022-0201

Description

The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/Permalink Manager Prollm-create
Range: <2.2.15
Mbis/Permalink Manager Litellm-fuzzy
Range: <2.2.15
Maciej Bis/Permalink Manager Litev5
Range: 2.2.15
Maciej Bis/Permalink Manager Prov5
Range: 2.2.15

Patches

Vulnerability mechanics

References

plugins.trac.wordpress.org/changeset/2656512mitrex_refsource_CONFIRM
wpscan.com/vulnerability/f274b0d8-74bf-43de-9051-29ce36d78ad4mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000