Log HTTP Requests < 1.3.2 – Stored Cross-Site Scripting | CVE 2022-3402

Affects Plugins

log-http-requests

Fixed in 1.3.2

References

CVE

CVE-2022-3402

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

6.1 (medium)

Miscellaneous

Original Researcher

Etan Imanol Castro Aldrete

Verified

No

WPVDB ID

861057e6-19c9-4b3f-aebb-bd486b6d01c8

Timeline

Publicly Published

2022-10-05 (about 1 years ago)

Added

2022-10-27 (about 1 years ago)

Last Updated

2022-10-27 (about 1 years ago)

Other

Published

Title

Published

2020-08-31

Title

Subscribe Sidebar <= 1.3.1 - Authenticated Reflected Cross-Site Scripting

Published

2024-04-15

Title

What's New Generator <= 2.0.2 - Authenticated (Admin+) Stored Cross-Site Scripting

Published

2019-10-24

Title

JobMonster < 4.5.2.9 - Unauthenticated Reflected Cross-Site Scripting

Published

2014-08-01

Title

Newsletter Manager < 1.0.2 - Authenticated Reflected Cross Site Scripting

Published

2023-06-12

Title

WPForms Google Sheet Connector < 3.4.6 - Reflected XSS