Vulnerability Details CVE-2022-1597
The WPQA Builder WordPress plugin before 5.4, used as a companion for the Discy and Himer , does not sanitise and escape a parameter on its reset password form which makes it possible to perform Reflected Cross-Site Scripting attacks
Exploit prediction scoring system (EPSS) score
EPSS Score 0.334
EPSS Ranking 96.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2022-1597
-
cpe:2.3:a:2code:wpqa_builder:-
-
cpe:2.3:a:2code:wpqa_builder:5.2