Vulnerability Details CVE-2022-1268
The Donate Extra WordPress plugin through 2.02 does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected cross-Site Scripting
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2022-1268
-
cpe:2.3:a:donate_extra_project:donate_extra:2.02