CVE-2022-0201 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in Permalink Manager plugin for WordPress affects v. before 2.2.15.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Toolbox
-
Permalink Manager is a WordPress plugin designed to simplify the management of permalinks (URLs) for your website. It allows users to create custom URL structures for their posts, pages, and other content types. The plugin comes in two versions: Permalink Manager Lite and Permalink Manager Pro. Both versions provide users with the ability to manage their permalinks with ease, but the Pro version also includes additional features such as advanced redirections, custom post types, and more.
The CVE-2022-0201 vulnerability detected in Permalink Manager Lite and Pro versions before 2.2.15 stems from their failure to sanitize and escape query parameters before outputting them on the debug page. This causes a Reflected Cross-Site Scripting issue and makes it possible for attackers to inject harmful code into the website's JavaScript context. A malicious actor could potentially exploit this vulnerability to initiate phishing attacks, steal sensitive information from website visitors, or take over website user accounts.
If this vulnerability is exploited, it can lead to severe consequences for website owners and their visitors. For example, the attacker could use the vulnerability to steal user authentication credentials and gain unauthorized access to their accounts. As a result, users could be left with identity theft issues, loss of sensitive data, and financial losses. Additionally, the website owner could face legal problems and reputational damage if this issue is not fixed promptly.
Securityforeveryone.com offers a powerful and efficient scanner for identifying vulnerabilities in digital assets. With its pro features, website owners can easily and quickly learn about vulnerabilities in their WordPress plugins and take necessary actions to mitigate their risks. By leveraging this tool, they can ensure that their website is secure and their visitors' data is protected from harm.
REFERENCES
control security posture