Vulnerability CVE-2022-3484
Published: 2022-11-14

Description:
The WPB Show Core WordPress plugin through TODO does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://wpscan.com/vulnerability/3afaed61-6187-4915-acf0-16e79d5c2464
Copyright 2026, cxsecurity.com

 

Back to Top