Vulnerabilities > CVE-2022-1221 - Unspecified vulnerability in Gwyn'S Imagemap Selector Project Gwyn'S Imagemap Selector 0.3.2/0.3.3

047910
CVSS 6.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
gwyn-s-imagemap-selector-project

Summary

The Gwyn's Imagemap Selector WordPress plugin through 0.3.3 does not sanitise and escape some parameters before outputting them back in attributes, leading to a Reflected Cross-Site Scripting.