CVE-2022-0599
Mapping Multiple URLs Redirect Same Page <= 5.8 - Reflected Cross-Site Scripting
Vexday Risk Score
18Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS —EPSS 1.7%KEV nãoPoC —Nuclei simMetasploit —Patch —
Lifecycle
28 Mar 2022Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
The Mapping Multiple URLs Redirect Same Page WordPress plugin through 5.8 does not sanitize and escape the mmursp_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Affected products
Unknown · Mapping multiple URLs redirect same pageWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →