CVE-2022-2181

Summary

The Advanced WordPress Reset WordPress plugin before 1.6 does not escape some generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting

Affected Software

VendorProductVersion RangeStatus
UnknownAdvanced WordPress Reset1.6 < 1.6affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References