QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-0953

Back to search

CVE-2022-0953

Published: Apr 25, 2022

Modified: Aug 2, 2024

PUBLISHED

Description

The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters

VendorProductVersions

Unknown

Anti-Malware Security and Brute-Force Firewall

affected
4.20.96 - < 4.20.96

Weaknesses (CWE)

CWE-79

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now