VYPR
Medium severity5.4NVD Advisory· Published Apr 25, 2022· Updated Jun 17, 2026

CVE-2022-1152

CVE-2022-1152

Description

The Menubar WordPress plugin before 5.8 does not sanitise and escape the command parameter before outputting it back in the response via the menubar AJAX action (available to any authenticated users), leading to a Reflected Cross-Site Scripting

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.