Medium severity5.4NVD Advisory· Published May 16, 2022· Updated Jun 17, 2026
CVE-2022-1051
CVE-2022-1051
Description
The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not sanitise and escape the city, phone or profile credentials fields when outputting it in the profile page, allowing any authenticated user to perform Cross-Site Scripting attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <5.2
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/cb2fa587-da2f-460e-a402-225df7744765nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.