Security for everyone

CVE-2022-1598 Scanner

Detects 'Information Disclosure' vulnerability in WPQA Builder plugin for Wordpress affects v. before 5.5.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2022-1598 Scanner Detail

The WPQA Builder plugin is a WordPress plugin designed to create question and answer sections. It's typically used on websites and forums to enable users to post questions, and other users can respond, creating a discussion. The plugin is widely used on WordPress sites to create a platform for people to share ideas and receive answers to their queries.

Recently, a security vulnerability has been discovered in the WPQA Builder plugin. The vulnerability is identified with the CVE-2022-1598 code. The issue is related to the plugin's REST API endpoint, which lacks authentication, allowing unauthorized users to access private questions sent between users on the site. The vulnerability exposes the privacy of sensitive information sent between individuals, making it a significant concern for websites that prioritize data protection.

The exploitation of this vulnerability can have severe implications for websites using the WPQA Builder plugin. For instance, a malicious attacker can use this vulnerability to leak sensitive customer information such as usernames, email addresses, and passwords. Additionally, attackers can use the vulnerability to launch phishing campaigns that target the website's users. The consequences of these attacks can be costly, especially for businesses that could potentially lose their reputation and face legal liabilities.

By subscribing to the pro features of the platform, website owners can quickly and easily learn about vulnerabilities that may exist in their digital assets. The platform provides an environment where users can scan their websites for security vulnerabilities and receive reports and recommendations on how to resolve identified issues. With, website owners can ensure the safety and integrity of their digital assets and protect their customers' privacy.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture