Unrated severityNVD Advisory· Published Aug 1, 2022· Updated Aug 3, 2024

Advanced WordPress Reset < 1.6 - Reflected Cross-Site Scripting

CVE-2022-2181

Description

The Advanced WordPress Reset WordPress plugin before 1.6 does not escape some generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting

Affected products

WordPress/Advanced Wordpress Resetinferred
Range: <1.6
Package: https://wordpress.org/plugins/advanced-wordpress-reset

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wpscan.com/vulnerability/68ddf343-6e69-44a7-bd33-72004053d41emitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000