Vulnerability Details CVE-2022-1047
The Themify Post Type Builder Search Addon WordPress plugin before 1.4.0 does not properly escape the current page URL before reusing it in a HTML attribute, leading to a reflected cross site scripting vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.3%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2022-1047
-
cpe:2.3:a:themify:post_type_builder_search_addon:*