The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`
References
Link | Resource |
---|---|
https://www.wordfence.com/blog/2022/03/reflected-xss-in-spam-protection-antispam-firewall-by-cleantalk/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Wordfence
Published: 2022-04-19T20:26:39
Updated: 2022-04-19T20:26:39
Reserved: 2022-03-30T00:00:00
Link: CVE-2022-28222
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-19T21:15:18.983
Modified: 2022-04-28T03:43:26.687
Link: CVE-2022-28222
JSON object: View
Redhat Information
No data.
CWE