Vulnerability Details CVE-2022-0953
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2022-0953
-
Download Anti-Malware Security And Brute-Force Firewall Project » Download Anti-Malware Security And Brute-Force Firewall » Version: Anycpe:2.3:a:download_anti-malware_security_and_brute-force_firewall_project:download_anti-malware_security_and_brute-force_firewall:*