Vulnerability Details CVE-2022-0626
The Advanced Admin Search WordPress plugin before 1.1.6 does not sanitize and escape some parameters before outputting them back in an admin page, leading to a Reflected Cross-Site Scripting.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2022-0626
-
cpe:2.3:a:kuroit:advanced_admin_search:-
-
cpe:2.3:a:kuroit:advanced_admin_search:0.9
-
cpe:2.3:a:kuroit:advanced_admin_search:0.9.1
-
cpe:2.3:a:kuroit:advanced_admin_search:1.0
-
cpe:2.3:a:kuroit:advanced_admin_search:1.1
-
cpe:2.3:a:kuroit:advanced_admin_search:1.1.1
-
cpe:2.3:a:kuroit:advanced_admin_search:1.1.2
-
cpe:2.3:a:kuroit:advanced_admin_search:1.1.3
-
cpe:2.3:a:kuroit:advanced_admin_search:1.1.4
-
cpe:2.3:a:kuroit:advanced_admin_search:1.1.5