Vulnerabilities > CVE-2022-1597 - Unspecified vulnerability in 2Code Wpqa Builder 5.2

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

2code

NVD

Published: 2022-06-08

Updated: 2024-11-21

Summary

The WPQA Builder WordPress plugin before 5.4, used as a companion for the Discy and Himer , does not sanitise and escape a parameter on its reset password form which makes it possible to perform Reflected Cross-Site Scripting attacks

Vulnerable Configurations

Part	Description	Count
Application	2Code 2Code Wpqa Builder - 2Code Wpqa Builder 5.2	2

References

https://wpscan.com/vulnerability/faff9484-9fc7-4300-bdad-9cd8a30a9a4e
https://wpscan.com/vulnerability/faff9484-9fc7-4300-bdad-9cd8a30a9a4e