Security for everyone

CVE-2022-0201 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Permalink Manager plugin for WordPress affects v. before 2.2.15.

SCAN NOW

Short Info


Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

CVE-2022-0201 Scanner Detail

Permalink Manager is a WordPress plugin designed to simplify the management of permalinks (URLs) for your website. It allows users to create custom URL structures for their posts, pages, and other content types. The plugin comes in two versions: Permalink Manager Lite and Permalink Manager Pro. Both versions provide users with the ability to manage their permalinks with ease, but the Pro version also includes additional features such as advanced redirections, custom post types, and more.

The CVE-2022-0201 vulnerability detected in Permalink Manager Lite and Pro versions before 2.2.15 stems from their failure to sanitize and escape query parameters before outputting them on the debug page. This causes a Reflected Cross-Site Scripting issue and makes it possible for attackers to inject harmful code into the website's JavaScript context. A malicious actor could potentially exploit this vulnerability to initiate phishing attacks, steal sensitive information from website visitors, or take over website user accounts.

If this vulnerability is exploited, it can lead to severe consequences for website owners and their visitors. For example, the attacker could use the vulnerability to steal user authentication credentials and gain unauthorized access to their accounts. As a result, users could be left with identity theft issues, loss of sensitive data, and financial losses. Additionally, the website owner could face legal problems and reputational damage if this issue is not fixed promptly.

Securityforeveryone.com offers a powerful and efficient scanner for identifying vulnerabilities in digital assets. With its pro features, website owners can easily and quickly learn about vulnerabilities in their WordPress plugins and take necessary actions to mitigate their risks. By leveraging this tool, they can ensure that their website is secure and their visitors' data is protected from harm.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture