mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 17:50:34 +00:00
865 B
865 B
CVE-2022-0628
&color=brighgreen)
Description
The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the _wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
POC
Reference
- https://wpscan.com/vulnerability/af9787ee-c496-4f02-a22c-c8f8a97ad902
- https://wpscan.com/vulnerability/af9787ee-c496-4f02-a22c-c8f8a97ad902
Github
No PoCs found on GitHub currently.