VYPR
Unrated severityNVD Advisory· Published Jun 6, 2022· Updated Aug 2, 2024

WP Statistics < 13.2.2 - Reflected Cross-Site Scripting

CVE-2022-1005

Description

The WP Statistics WordPress plugin before 13.2.2 does not sanitise the REQUEST_URI parameter before outputting it back in the rendered page, leading to Cross-Site Scripting (XSS) in web browsers which do not encode characters

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.