VYPR
Medium severity6.1NVD Advisory· Published Feb 28, 2022· Updated Jun 17, 2026

CVE-2022-0385

CVE-2022-0385

Description

The Crazy Bone WordPress plugin through 0.6.0 does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.