Lucene search
Ace Candelario (@0xspade)PATCHSTACK:53714CCB1A100C80D41C28F2F38D0437HistoryJan 26, 2022 - 12:00 a.m.
WordPress WordPress GDPR & CCPA premium plugin <= 1.9.26 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
2022-01-2600:00:00
Ace Candelario (@0xspade)
patchstack.com
8
wordpress
gdpr
ccpa
plugin
vulnerability
xss
update
EPSS
0.001
Percentile
47.1%
Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered by Ace Candelario (@0xspade) and Victor Paynat-Sautivet (3DS Outscale SOC) in WordPress WordPress GDPR & CCPA premium plugin (versions <= 1.9.26).
Solution
Update the WordPress WordPress GDPR & CCPA premium plugin to the latest available version (at least 1.9.27).
Related
cvelist
cvelist
nvd
nvd
CVE-2022-0220
2022-02-01 13:15:09
prion
prion
Type confusion
2022-02-01 13:15:00
nuclei
nuclei
WordPress GDPR & CCPA <1.9.27 - Cross-Site Scripting
2022-07-18 13:40:25
wpexploit
wpexploit
wpvulndb
wpvulndb
cve
cve
CVE-2022-0220
2022-02-01 13:15:09