CVE-2022-2599 | HackTesting

The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.21.83 does not sanitise and escape some parameters before outputting them back in an admin dashboard, leading to Reflected Cross-Site Scripting

Credits

Krzysztof Zając

References

https://wpscan.com/vulnerability/276a7fc5-3d0d-446d-92cf-20060aecd0ef