Medium severity5.4NVD Advisory· Published Apr 25, 2022· Updated Jun 17, 2026
CVE-2022-1152
CVE-2022-1152
Description
The Menubar WordPress plugin before 5.8 does not sanitise and escape the command parameter before outputting it back in the response via the menubar AJAX action (available to any authenticated users), leading to a Reflected Cross-Site Scripting
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Menubar plugindescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/1c55fda9-e938-4267-be77-a6d73ee46af3nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.